10-03-2007 02:46 PM - edited 03-11-2019 04:20 AM
I was wondering if it is possible to have multiple inside(100) interfaces.
I have say two customers that need to be seperated.I have created two subinterfaces(gi0/1.1 and gi 0/1.2)
IP addresses are 192.168.1.1/24 & 192.168.2.1/24.They are both assigned security-level 100.
These interfaces also act as the gateways for the subnets.
Only one outside interface configured.
Can this work?
10-04-2007 05:32 AM
Hi,
Yes, this should work. Please refer the below URL that discusses a similar scenario.
If you look through the configuration, E1.1(VLAN2) and E1.2(VLAN3) are sub interfaces on the inside with same security level.
interface Ethernet1.1
vlan 2
nameif vlan2
security-level 100
ip address 10.0.1.1 255.255.255.0
!
interface Ethernet1.2
vlan 3
nameif vlan3
security-level 100
ip address 10.0.2.1 255.255.255.0
I hope it helps.
Regards,
Arul
** Please rate all helpful posts **
10-04-2007 04:27 PM
You can have two interfaces with the same security level but they might cause problems when passing traffic between them. If you need to pass traffic between the two internal subnets you will need to add the command:
same-security-traffic permit inter-interface
Here is a link that you can use as a reference:
http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/s1.html#wp1346877
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide