Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Removing Vlan from ASA

 

Hi Everyone,

 

I need to remove vlan 20 from ASA 5520 which is in Active/Standby Mode.

Currently config from Active ASA

interface GigabitEthernet0/0.3
description Visitor 
 vlan 20
 nameif dmz_visitor
 security-level 4
 ip address 192.168.50.1 255.255.255.0 standby 192.168.50.2

 

Regards

MAhesh

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Silver

Mahesh,Normally we would

Mahesh,

Normally we would remove the complete subinterface (gi0/0.3 in your example) from global configuration mode:

     no int gi0/0.3

The interface mode command "vlan 20" would not normally be removed but if you instead want to change it, just entering a new "vlan __" command (in interface configuration mode) will replace the existing one.

Hall of Fame Super Silver

I did not mean it has

I did not mean it has "interface vlan 20" but rather that "vlan 20" is a command that is only valid when in (sub)interface configuration mode

In any case - that's correct: just remove the subinterface which includes the "vlan 20" command within it.

4 REPLIES
Hall of Fame Super Silver

Mahesh,Normally we would

Mahesh,

Normally we would remove the complete subinterface (gi0/0.3 in your example) from global configuration mode:

     no int gi0/0.3

The interface mode command "vlan 20" would not normally be removed but if you instead want to change it, just entering a new "vlan __" command (in interface configuration mode) will replace the existing one.

New Member

 Hi MArvin, ASA is 5520 so it

 

Hi MArvin,

 

ASA is 5520 so it does not have int vlan 20.

Seems no int gi0/0.3 should remove everything including vlan 20 right?

 

Regards

MAhesh

Hall of Fame Super Silver

I did not mean it has

I did not mean it has "interface vlan 20" but rather that "vlan 20" is a command that is only valid when in (sub)interface configuration mode

In any case - that's correct: just remove the subinterface which includes the "vlan 20" command within it.

New Member

 Many thanks Marvin. Best

 

Many thanks Marvin.

 

Best Regards

MAhesh

667
Views
0
Helpful
4
Replies
CreatePlease to create content