Does the ASA5510 support VRFs?

Answered Question
Jun 29th, 2010

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;}

Hello

Does the ASA5510 support VRFs?

Ideally we would like to have one VRF for the management traffic and another one for everything else.

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;}

Maybe the ASA has an alternative to VRFs….?

I’d appreciate if someone could give us some advice.

Many thanks,

Damian

I have this problem too.
0 votes
Correct Answer by kchapman about 6 years 6 months ago

Hi Damian,

The ASA does support Virtual firewalls (firewall contexts). Please see the configuration guide below.

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/contexts.html.

This is a licensed feature that requires the security plus license on the ASA5510.

Some limitations to using the ASA in this mode is VPN and dynamic routing protocols are not supported in multiple context mode. If these are features you were looking at, you may consider the 'management-only' interface configuration which limits traffic on a specific interface to management only.

I hope that helps!

-KC

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
kchapman Tue, 06/29/2010 - 06:36

Hi Damian,

The ASA does support Virtual firewalls (firewall contexts). Please see the configuration guide below.

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/contexts.html.

This is a licensed feature that requires the security plus license on the ASA5510.

Some limitations to using the ASA in this mode is VPN and dynamic routing protocols are not supported in multiple context mode. If these are features you were looking at, you may consider the 'management-only' interface configuration which limits traffic on a specific interface to management only.

I hope that helps!

-KC

damianhinojosa Tue, 06/29/2010 - 08:21

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0cm 5.4pt 0cm 5.4pt; mso-para-margin:0cm; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman"; mso-ansi-language:#0400; mso-fareast-language:#0400; mso-bidi-language:#0400;}

Thanks KC,

Our appliances are purely used for VPNs!

Never mind thanks for the info.

Cheers,

Damian

Actions

This Discussion