Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
249
Views
0
Helpful
1
Replies

Can I assign more than 1 vlan to a sub-interface when running an ASA transparently using contexts?

rzc0v0-chris
Level 1
Level 1

‎06-02-2010 07:25 AM - edited ‎03-11-2019 10:53 AM

I have a client who want to run an ASA5550 transparently using contexts in multiple mode as below. 

Context 1: Service
Incoming trunk containing 81 and 82

Output trunk containing 86 and 87

81 -> 86
82 -> 87


Context 2: Management
Incoming trunk containing 10,11,12,13,14,15

Output trunk containing 70,71,72,73,74.75

10 -> 70
11 -> 71
12 -> 72
13 -> 73
14 -> 74
15 -> 75

I was under the impression from what I have read that you could only have 2 vlans per context, 1 on each interface/sub-interface and therefore for this to work they would have to split it down into 14 contexts. Am I correct or can you add more vlans to each context interface? unfortunatly I do not have a lab I can use to test this scenario.

Any input greatly appreciated!

Labels:
0 Helpful
1 Reply 1

m.kafka
Level 4
Level 4

‎06-02-2010 04:10 PM

Hi

you can configure many VLANs in the system context and asign them to transparent firewall contexts via the "context" command, If the firewall contexts are transparent you can only assign a maximum of two for each transparent FW. Solution: upgrade the number of contexts via licensing.

In your case 8 simultaneous contexts:

81 -> 86 - ctx 1
82 -> 87 - ctx 2

10 -> 70 - ctx 3
11 -> 71 - ctx 4
12 -> 72  -ctx 5
13 -> 73 - ctx 6
14 -> 74 - ctx 7
15 -> 75  -ctx 8

Rgds, MiKa

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card