06-17-2009 09:33 AM - edited 03-11-2019 08:44 AM
Dear All,
I have ASA 5510, and I want to use one Ethernet port of it as like sub-interfaces in which I want it to have two IPs.
Somebody told me that I can configure something called virtual zones !
consulting your expertise, how can I do this?
06-17-2009 09:37 AM
Not sure about virutal zones, but the ASA can run in multiple context mode see the below link:-
Or you can create a trunked interface on the ASA and have muiltiple sub-interfaces based on dot1q.
HTH>
06-17-2009 12:30 PM
Mahmoud,
As Andrew mentioned, you probably want to setup subinterfaces like this:
interface GigabitEthernet0/2
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/2.5
vlan 5
nameif admin
security-level 100
ip address 10.1.1.254 255.255.255.0
!
interface GigabitEthernet0/2.50
vlan 50
nameif sales
security-level 60
ip address 192.168.1.1 255.255.255.0
!
You can then treat the subinterfaces like regular interfaces (apply ACLs, NAT, etc.).
Hope that helps.
-Mike
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: