5515 configuration question

Unanswered Question
Nov 11th, 2013
User Badges:

Can the 5515 be configured simliar to how an older 5505 could be configured, meaning I only need two subnets. I want to make one interface the outside, and all the other ports on the inside network. If I give interface eth0/1 an inside ip address, how do I configure it so the rest of the ports will also fall on this inside network, as I'll have inside devices that plug directly into it. Do I set it up with vlan's? I can't find any configuration guides that are specific to the new 5515. Please advise. I'm running 8.6 code. Thanks                  

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jouni Forss Mon, 11/11/2013 - 08:17
User Badges:
  • Super Bronze, 10000 points or more

Hi,


The ASA5505 model is pretty unique compared to the other ASA models both old and new. The ASA5505 contains an 8 port switch module this is why its configured like an L3 switch where multiple ports can belong to the same subnet as they are Access mode switch ports.


The other ASA models however contain Routed ports and they cannot be used as a Switch port like on the ASA5505.


So you wont be able to use the ASA5515 in the same way as the ASA5505 since the other one contains a switch module while the other one is more like a router with regards to the interfaces.


Isn't the ASA5515 a bit overkill to be just used for a handfull of internal hosts considering that it contains 6 physical ports?


- Jouni

mjsully Mon, 11/11/2013 - 08:37
User Badges:

yes, it's overkill. I won't get into the decision making, but I agree its overkill. That being said,so there is no way this can be setup with configuring vlan interfaces so I could bind a few interfaces to the same inside VLAN?

Jouni Forss Mon, 11/11/2013 - 08:53
User Badges:
  • Super Bronze, 10000 points or more

Hi,


The closest to this I would imagine is configuring the ASA in Transparent mode but that is really used between an actual router and the users and because of this the ASA doesnt act as any kind of router. So I assume that this is not an option.


The main problem is the thing I mentioned before. The ASA5505 is the only ASA model that contains a switch module built in which enables you to configure a logical SVI interface which holds the IP address while the actual physical ports are then assigned to that Vlan as Access Mode ports.


- Jouni

Actions

This Discussion