Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1631
Views
0
Helpful
2
Replies

ASA 5505 Subinterface Equivalent

Go to solution
wrwiii122
Level 1
Level 1

‎11-13-2014 08:22 PM - edited ‎03-07-2019 09:30 PM

I normally use 5520's but need to use a 5505 and realized it is a little different and can not do sub interfaces.  I have read that I can trunk an interface but how do I assign IP addresses to each of those VLANs on that trunk so that it can NAT?  Currently I only need 4 vlans so I have created a vlan on each switchport with 4 cables each running to an access port on the switch.  The issue comes into play if I ever need more than 8 because of the limitation of physical ports.  Also it doesn't seem to let me choose my own vlan number, it creates 2, 12, 22, 32 on its own

Anyone have any insight?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Karsten Iwen
VIP
VIP

‎11-16-2014 11:57 PM

The interface-config of the ASA 5505 is nearly the same as on a Layer3-Switch. Instead of using a subinterface, you configure an "interface vlan X" with ip, nameif, sec-level". The vlan is used on the Ethernet-interface where you tell the switchport to be a trunk and which vlans should be allowed.

It could look like the following:

interface Ethernet0/0
 switchport mode trunk
 switchport allowed vlan 100,200
!
interface Vlan100
 nameif inside
 security-level 100
 ip address 10.10.100.251 255.255.255.0
!
interface Vlan200
 nameif WLAN
 security-level 90
 ip address 10.10.99.251 255.255.255.0

 

More on the interface-config is found in the config-guide:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/interface_start_5505.html

View solution in original post

0 Helpful
2 Replies 2

Go to solution
wrwiii122
Level 1
Level 1

‎11-16-2014 06:24 PM

The GUI was not working very well to make things happen right.  Using the CLI solved the issue.

0 Helpful

Go to solution
Karsten Iwen
VIP
VIP

‎11-16-2014 11:57 PM

The interface-config of the ASA 5505 is nearly the same as on a Layer3-Switch. Instead of using a subinterface, you configure an "interface vlan X" with ip, nameif, sec-level". The vlan is used on the Ethernet-interface where you tell the switchport to be a trunk and which vlans should be allowed.

It could look like the following:

interface Ethernet0/0
 switchport mode trunk
 switchport allowed vlan 100,200
!
interface Vlan100
 nameif inside
 security-level 100
 ip address 10.10.100.251 255.255.255.0
!
interface Vlan200
 nameif WLAN
 security-level 90
 ip address 10.10.99.251 255.255.255.0

 

More on the interface-config is found in the config-guide:

http://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/interface_start_5505.html

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card