Cisco PIX 500 Series Configuration Manual page 81

Chapter 4 Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance
Where number is an integer between 0 (lowest) and 100 (highest).
Step 5 (Routed mode only) To set the IP address, enter one of the following commands.
Note
To set the IP address manually, enter the following command:
•
hostname(config-if)# ip address ip_address [ mask ] [standby ip_address ]
The standby keyword and address is used for failover. See
more information.
To obtain an IP address from a DHCP server, enter the following command:
•
hostname(config-if)# ip address dhcp [setroute]
Reenter this command to reset the DHCP lease and request a new lease.
If you do not enable the interface using the no shutdown command before you enter the ip address
dhcp command, some DHCP requests might not be sent.
To obtain an IP address from a PPPoE server, see
•
(Optional) To assign a private MAC address to this interface, enter the following command:
Step 6
hostname(config-if)# mac-address mac_address [standby mac_address ]
By default in routed mode, all VLANs use the same MAC address. In transparent mode, the VLANs use
unique MAC addresses. You might want to set unique VLANs or change the generated VLANs if your
switch requires it, or for access control purposes.
(Optional) To set an interface to management-only mode, so that it does not allow through traffic, enter
Step 7
the following command:
hostname(config-if)# management-only
By default, VLAN interfaces are enabled. To enable the interface, if it is not already enabled, enter the
Step 8
following command:
hostname(config-if)# no shutdown
To disable the interface, enter the shutdown command.
The following example configures seven VLAN interfaces, including the failover interface which is
configured separately using the failover lan command:
hostname(config)# interface vlan 100
hostname(config-if)# nameif outside
hostname(config-if)# security-level 0
hostname(config-if)# ip address 10.1.1.1 255.255.255.0
OL-12172-03
To set an IPv6 address, see the
To set the management IP address for transparent firewall mode, see the
Management IP Address for a Transparent Firewall" section on page
you do not set the IP address for each interface, but rather for the whole adaptive security
appliance or context.
For failover, you must set the IP address an standby address manually; DHCP and PPPoE are not
supported.
"Configuring IPv6 on an Interface" section on page
Chapter 14, "Configuring Failover,"
Chapter 35, "Configuring the PPPoE Client."
Cisco Security Appliance Command Line Configuration Guide
Configuring VLAN Interfaces
12-3.
"Setting the
8-5. In transparent mode,
for
4-7