cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
399
Views
0
Helpful
2
Replies

Using SubInterfaces with ASA 5510

mmajai_cisco2
Level 1
Level 1

Dear All,

I have ASA 5510, and I want to use one Ethernet port of it as like sub-interfaces in which I want it to have two IPs.

Somebody told me that I can configure something called virtual zones !

consulting your expertise, how can I do this?

2 Replies 2

andrew.prince
Level 10
Level 10

Not sure about virutal zones, but the ASA can run in multiple context mode see the below link:-

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml

Or you can create a trunked interface on the ASA and have muiltiple sub-interfaces based on dot1q.

HTH>

Mahmoud,

As Andrew mentioned, you probably want to setup subinterfaces like this:

interface GigabitEthernet0/2

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/2.5

vlan 5

nameif admin

security-level 100

ip address 10.1.1.254 255.255.255.0

!

interface GigabitEthernet0/2.50

vlan 50

nameif sales

security-level 60

ip address 192.168.1.1 255.255.255.0

!

You can then treat the subinterfaces like regular interfaces (apply ACLs, NAT, etc.).

Hope that helps.

-Mike

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: