About Physical Ports On The Asa 5505; About Vlans - Cisco ASA 5505 Getting Started Manual

Adaptive security appliance

Hide thumbs Also See for ASA 5505:

Configuration manual (1822 pages)

Administrator's manual (118 pages)

Getting started manual (114 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

page of 168

/ 168
Contents
Table of Contents
Bookmarks

Table of Contents

Understanding VLANs on the ASA 5505

About Physical Ports on the ASA 5505

About VLANs

ASA 5505 Getting Started Guide

3-2

Maximum Number and Types of VLANs, page 3-3

•

The ASA 5505 has a built-in switch with eight Fast Ethernet ports, called switch

ports. Two of the eight physical ports are Power Over Ethernet (PoE) ports. You

can connect PoE ports directly to user equipment such as PCs, IP phones, or a

DSL modem. You can also connect to another switch. For more information, see

Ports and LEDs, page 4-9.

You can divide the eight physical ports into groups, called VLANs, that function

as separate networks. This enables you to improve the security of your business

because devices in different VLANs can only communicate with each other by

passing the traffic through the adaptive security appliance where relevant security

policies are applied.

The ASA 5505 comes preconfigured with two VLANs: VLAN1 and VLAN2. By

default, Ethernet switch port 0/0 is allocated to VLAN2. All other switch ports are

allocated by default to VLAN1.

Physical ports on the same VLAN communicate with each other using hardware

switching. VLANs communicate with each other using routes and bridges. For

example, when a switch port on VLAN1 is communicating with a switch port on

VLAN2, the adaptive security appliance applies configured security policies to

the traffic and routes or bridges the traffic between the two VLANs.

To impose strict access control and protect sensitive devices, you can apply

security policies to VLANs that restrict communications between VLANs. You

can also apply security policies to individual ports. You might want to apply

security policies at the port level if, for example, there are two ports on the same

VLAN connecting devices that you do not want to be able to communicate with

each other.

Before you can enable a switch port on the ASA 5505, it must be assigned to a

VLAN. With the Base platform, each switch port can be assigned to only one

VLAN at a time. With the Security Plus license, you can use a single port to trunk

between three VLANs on an external switch, enabling you to scale your

deployment for larger organizations.

Chapter 3

Planning a VLAN Configuration

78-18003-02

Table of Contents

Show Quick Links

Quick Links:
Chapter 1 Before You Begin
Scenario 1: Private Network with External...

Hide quick links:

Table of Contents

About Physical Ports On The Asa 5505; About Vlans - Cisco ASA 5505 Getting Started Manual

About Physical Ports on the ASA 5505

About VLANs

Hide quick links:

Related Manuals for Cisco ASA 5505

Related Content for Cisco ASA 5505

Table of Contents