Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VLAN on ASA5505

Hello,

I have configured my access point to have two SSID's, each with their own VLAN.

My challenge is to create a VLAN somehow on the ASA so that I can route traffic differently for each SSID.

Problem is:  I have limited knowledge of the ASA.  I am able to configure permissions, nats, and vpn, etc.

Can someone please guide me on how to create this vlan?

Also, I have a managed switch (Cisco SG-200-18)  atttached to the ASA5505 - I have the option to create a VLAN there also if necessary.

Most importantly, I have the SECURITY PLUS license.  I understand that this uncomplicates things as far as the number of VLANS you can have.

Thanks in advance.

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

VLAN on ASA5505

You configure ports as access or trunk and then you configure SVI on the ASA in the same way as on a switch.

The configuration guide is here:

http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/interface_start_5505.html#wp1125063

This is the basic configuration:

conf t

int e0/0

switchport mode trunk

switchport trunk allowed vlan 10, 20

no shut

!

int vlan 10

nameif SSID1

description SSID1

security-level 100

ip add x.x.x.x y.y.y.y

!

int vlan 20

nameif SSID2

description SSID2

security-level 100

ip add z.z.z.z y.y.y.y

That is if you have a trunk, otherwise use two ports and set them to access.

Daniel Dib
CCIE #37149

Please rate helpful posts.

Daniel Dib CCIE #37149 Please rate helpful posts.
1 REPLY
Silver

VLAN on ASA5505

You configure ports as access or trunk and then you configure SVI on the ASA in the same way as on a switch.

The configuration guide is here:

http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/interface_start_5505.html#wp1125063

This is the basic configuration:

conf t

int e0/0

switchport mode trunk

switchport trunk allowed vlan 10, 20

no shut

!

int vlan 10

nameif SSID1

description SSID1

security-level 100

ip add x.x.x.x y.y.y.y

!

int vlan 20

nameif SSID2

description SSID2

security-level 100

ip add z.z.z.z y.y.y.y

That is if you have a trunk, otherwise use two ports and set them to access.

Daniel Dib
CCIE #37149

Please rate helpful posts.

Daniel Dib CCIE #37149 Please rate helpful posts.
203
Views
0
Helpful
1
Replies