i need more ports on an asa 5540 cluster and rather than adding more ports i was going to configure subinterfaces
i already have a configuration on my physical interface so i'll remove this, create a new subinterface and then configure it with the old physical interface config
i've created and used subinterfaces on large juniper firewalls but never on an asa so i was wondering are there any known issues with subinterfaces on an asa 5540 running v8.2
i'm grateful for anyone's contributions
many thanks to anyone taking the time to reply
You are welcome.
The reason I asked about what interfaces and purpose of the subinterfaces is there isn't a good way to do duel ISP's on the outside of the ASA. They just don't really do that and cannot do any policy based routing for load balancing and such. We tried to set this up in a test environment in my company and found issues with the static routes and which ISP the ASA preferred to use. After doing a bunch of research on it, there is no really decent way to get it done without a true router doing the PBR. Setting weighted routes can be done on routers but not the ASA.
This is why I was asking about what the use is. But in your case as long as you have a device to do the PBR then it should work better. The ASA can do basic routing but it is not what it does best.
I hope this helps and let me know if I can help further.