Can the 5515 be configured simliar to how an older 5505 could be configured, meaning I only need two subnets. I want to make one interface the outside, and all the other ports on the inside network. If I give interface eth0/1 an inside ip address, how do I configure it so the rest of the ports will also fall on this inside network, as I'll have inside devices that plug directly into it. Do I set it up with vlan's? I can't find any configuration guides that are specific to the new 5515. Please advise. I'm running 8.6 code. Thanks
The ASA5505 model is pretty unique compared to the other ASA models both old and new. The ASA5505 contains an 8 port switch module this is why its configured like an L3 switch where multiple ports can belong to the same subnet as they are Access mode switch ports.
The other ASA models however contain Routed ports and they cannot be used as a Switch port like on the ASA5505.
So you wont be able to use the ASA5515 in the same way as the ASA5505 since the other one contains a switch module while the other one is more like a router with regards to the interfaces.
Isn't the ASA5515 a bit overkill to be just used for a handfull of internal hosts considering that it contains 6 physical ports?
yes, it's overkill. I won't get into the decision making, but I agree its overkill. That being said,so there is no way this can be setup with configuring vlan interfaces so I could bind a few interfaces to the same inside VLAN?
The closest to this I would imagine is configuring the ASA in Transparent mode but that is really used between an actual router and the users and because of this the ASA doesnt act as any kind of router. So I assume that this is not an option.
The main problem is the thing I mentioned before. The ASA5505 is the only ASA model that contains a switch module built in which enables you to configure a logical SVI interface which holds the IP address while the actual physical ports are then assigned to that Vlan as Access Mode ports.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...