Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

DMZ interface limitation in FWSM and ASA

Hi there!

Could anyone let me know how many interfaces can be configured as DMZ in FWSM and ASA firewalls..is there any limitation?

1 ACCEPTED SOLUTION

Accepted Solutions
Super Bronze

DMZ interface limitation in FWSM and ASA

Hi,

Interface limitation depends on the device model and its license.

The most limited model is ASA5505 with Base License which only allows 2 normal Vlan interface and one restricted DMZ. With any other model you shouldnt really be running into interface limitations unless you truly have a large network.

This document lists the information related to the original ASA5500 Series

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80285492.pdf

This document lists the information related to the ASA5500-X Series

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/at_a_glance_c45-701635.pdf

Both of the above document the maximum amount of Vlan interfaces

I am not sure if the FWSM has any licenses for the interface (Vlan) amount but I do know that its maximum limit is at around 1000 Vlan interface.

Hope this helps

Please do remember to mark a reply as the correct answer if it answered your question.

Feel free to ask more if needed.

- Jouni

1 REPLY
Super Bronze

DMZ interface limitation in FWSM and ASA

Hi,

Interface limitation depends on the device model and its license.

The most limited model is ASA5505 with Base License which only allows 2 normal Vlan interface and one restricted DMZ. With any other model you shouldnt really be running into interface limitations unless you truly have a large network.

This document lists the information related to the original ASA5500 Series

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/prod_brochure0900aecd80285492.pdf

This document lists the information related to the ASA5500-X Series

http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/at_a_glance_c45-701635.pdf

Both of the above document the maximum amount of Vlan interfaces

I am not sure if the FWSM has any licenses for the interface (Vlan) amount but I do know that its maximum limit is at around 1000 Vlan interface.

Hope this helps

Please do remember to mark a reply as the correct answer if it answered your question.

Feel free to ask more if needed.

- Jouni

114
Views
0
Helpful
1
Replies
CreatePlease login to create content