Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Requirement to use sub interfaces on ASA 5520 Firewall in failover config

Dear All,

i recently involved in one of the ASA 5520 firewall installation. We ordered the 2 firewall with limited 4 ports to support the client's exsiting 7 Networks.Now we have found the port shortage to support the said number of the interfaces (7). I configured the firewall in LAN fialover usign 1 ports exach from the bothe firewall. Now we have 3 ports in eaxh firewall to support 7 networks (I Internal ,1 Outside, 5 DMZs).

Please could u give the solution to configured the sub interfaces to solve the issue. Client already bought the AIP-SSM for the slot in free.

Thanks in Advance.

swami

1 REPLY
Silver

Re: Requirement to use sub interfaces on ASA 5520 Firewall in fa

If the DMZ interface is connected to a switch create sub-interfaces and setup the switch port for do1q trunking.

interface GigabitEthernet0/3

description DMZ Interface

speed 100

duplex full

no nameif

no security-level

no ip address

no shut

interface GigabitEthernet0/3.20

description DMZ Subnet 1

vlan 20

nameif DMZ1

security-level 50

ip address X.X.X.X X.X.X.X

interface GigabitEthernet0/3.30

description DMZ Subnet 2

vlan 30

nameif DMZ2

security-level 50

ip address X.X.X.X X.X.X.X

Thanks,

Chad

Please rate if helpful!

109
Views
0
Helpful
1
Replies