Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6106
Views
0
Helpful
4
Replies

Removing Vlan from ASA

Go to solution
mahesh18
Level 6
Level 6

‎04-14-2014 09:44 AM - edited ‎03-11-2019 09:04 PM

 

Hi Everyone,

 

I need to remove vlan 20 from ASA 5520 which is in Active/Standby Mode.

Currently config from Active ASA

interface GigabitEthernet0/0.3
description Visitor 
 vlan 20
 nameif dmz_visitor
 security-level 4
 ip address 192.168.50.1 255.255.255.0 standby 192.168.50.2

 

Regards

MAhesh

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-14-2014 10:26 AM

Mahesh,

Normally we would remove the complete subinterface (gi0/0.3 in your example) from global configuration mode:

     no int gi0/0.3

The interface mode command "vlan 20" would not normally be removed but if you instead want to change it, just entering a new "vlan __" command (in interface configuration mode) will replace the existing one.

View solution in original post

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to mahesh18

‎04-15-2014 05:12 AM

I did not mean it has "interface vlan 20" but rather that "vlan 20" is a command that is only valid when in (sub)interface configuration mode

In any case - that's correct: just remove the subinterface which includes the "vlan 20" command within it.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-14-2014 10:26 AM

Mahesh,

Normally we would remove the complete subinterface (gi0/0.3 in your example) from global configuration mode:

     no int gi0/0.3

The interface mode command "vlan 20" would not normally be removed but if you instead want to change it, just entering a new "vlan __" command (in interface configuration mode) will replace the existing one.

0 Helpful

Go to solution
mahesh18
Level 6
Level 6
In response to Marvin Rhoads

‎04-14-2014 05:03 PM

 

Hi MArvin,

 

ASA is 5520 so it does not have int vlan 20.

Seems no int gi0/0.3 should remove everything including vlan 20 right?

 

Regards

MAhesh

0 Helpful

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame
In response to mahesh18

‎04-15-2014 05:12 AM

I did not mean it has "interface vlan 20" but rather that "vlan 20" is a command that is only valid when in (sub)interface configuration mode

In any case - that's correct: just remove the subinterface which includes the "vlan 20" command within it.

0 Helpful

Go to solution
mahesh18
Level 6
Level 6
In response to Marvin Rhoads

‎04-15-2014 05:39 AM

 

Many thanks Marvin.

 

Best Regards

MAhesh

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card