Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

5540 and sub interfaces

One of my client has a 5540 security appliance where I have configured DMZ and other few things . Currently it has 4 workable interfaces excluding management interface . 3 of them are used for data connectivity because 1 port is for failover .

Now with 3 physical interface we have 4 zones using sub interfaces ( vlans ) . Recently there has been a change in network where they have introduced few other types of servers and now there is a request to make more zones

Avaliable Data interfaces are 3

Required Zones are 7

Now this is possible using sub interfaces ( vlan ) but I want to know if this is a recommended solution to use subinterfaces at such large scale and dividing every possible interface . It is a company of 1000 users , other option could be to put an 4GE-SSM card but please let me know if the subinterfaces solution is recommended one for enterprizes ?

Cisco Employee

5540 and sub interfaces


Sub-interfaces will work fine for you, but just keep in mind that it is still a shared physical medium. Therefore, the sum of the aggregate traffic in all of the VLANs cannot exceed the capacity of the single physical interface. I would suggest ramping up the traffic slowly and monitoring for any performance issues, but otherwise you should be fine.


CreatePlease to create content