Completing Interface Configuration (All Models)
Configuring General Interface Parameters
This procedure describes how to set the name, security level, IPv4 address and other options.
For the ASA 5510 and higher, you must configure interface parameters for the following interface types:
•
•
•
For the ASA 5505, you must configure interface parameters for the following interface types:
•
Guidelines and Limitations
•
•
•
•
•
Restrictions
PPPoE is not supported in multiple context mode or transparent firewall mode.
Information About the Management Interface
The ASA 5510 and higher adaptive security appliance includes a dedicated management interface called
Management 0/0 or Management 0/1, depending on your model, which is meant to support traffic to the
adaptive security appliance. However, you can configure any interface to be a management-only
interface. Also, for Management 0/0 or 0/1, you can disable management-only mode so the interface can
pass through traffic just like any other interface.
Transparent firewall mode allows only two interfaces to pass through traffic; however, on the ASA 5510
and higher adaptive security appliance, you can use the Management 0/0 or 0/1 interface (either the
physical interface or a subinterface) as a third interface for management traffic. The mode is not
configurable in this case and must always be management-only.
Prerequisites
•
Cisco ASA 5500 Series Configuration Guide using ASDM
8-22
Physical interfaces
VLAN subinterfaces
Redundant interfaces
VLAN interfaces
For the ASA 5550 adaptive security appliance, for maximum throughput, be sure to balance your
traffic over the two interface slots; for example, assign the inside interface to slot 1 and the outside
interface to slot 0.
For information about security levels, see the
If you are using failover, do not use this procedure to name interfaces that you are reserving for
failover and Stateful Failover communications. See the
section on page 59-6
or the
the failover and state links.
In routed firewall mode, set the IP address for all interfaces.
In transparent firewall mode, do not set the IP address for each interface, but rather set it for the
whole adaptive security appliance or context. The exception is for the Management 0/0 or 0/1
management-only interface, which does not pass through traffic. To set the transparent firewall
mode whole adaptive security appliance or context management IP address, see the
Management IP Address for a Transparent Firewall" section on page
the Management 0/0 or 0/1 interface or subinterface, use this procedure.
Complete the procedures in the
on page 8-9
or the
"Starting Interface Configuration (ASA 5505)" section on page
"Security Levels" section on page
"Configuring Active/Active Failover" section on page 60-8
"Starting Interface Configuration (ASA 5510 and Higher)" section
Chapter 8
Configuring Interfaces
8-5.
"Configuring Active/Standby Failover"
9-14. To set the IP address of
to configure
"Setting the
8-16.
OL-20339-01