Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Using SubInterfaces with ASA 5510

Dear All,

I have ASA 5510, and I want to use one Ethernet port of it as like sub-interfaces in which I want it to have two IPs.

Somebody told me that I can configure something called virtual zones !

consulting your expertise, how can I do this?

2 REPLIES

Re: Using SubInterfaces with ASA 5510

Not sure about virutal zones, but the ASA can run in multiple context mode see the below link:-

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00808d2b63.shtml

Or you can create a trunked interface on the ASA and have muiltiple sub-interfaces based on dot1q.

HTH>

Re: Using SubInterfaces with ASA 5510

Mahmoud,

As Andrew mentioned, you probably want to setup subinterfaces like this:

interface GigabitEthernet0/2

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/2.5

vlan 5

nameif admin

security-level 100

ip address 10.1.1.254 255.255.255.0

!

interface GigabitEthernet0/2.50

vlan 50

nameif sales

security-level 60

ip address 192.168.1.1 255.255.255.0

!

You can then treat the subinterfaces like regular interfaces (apply ACLs, NAT, etc.).

Hope that helps.

-Mike

279
Views
0
Helpful
2
Replies
CreatePlease to create content