You may create subinterfaces using gi0/2 interface and connect this interface to trunk port of 2960. The physical port by itself will act as trunk port and you dont need to configure this separately.
We need to keep in mind that if you have created subinterfaces and have not given any nameif command on the main physical interface then this interface will only accept tagged packets. Thus packets from native vlan on switch trunk will be dropped. If you need to pass these native vlan packets also, you can give nameif command on the main physical interface. So lets say you have following
so you need to connect gi0/2 port to the trunk port of 2960. ASA would accept tagged packets for vlan 10, 20 and these will be sent to gi0/2.1 and gi0/2.2 respectively. Untagged packets will be sent directly on the physical interface which would be part of native vlan.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...