Cisco FirePOWER ASA 5500 series Configuration Manual page 82
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Configuring Switch Ports as Access Ports
if you apply the switchport protected command to each switch port. The inside and outside networks
can both communicate with all three web servers, and vice versa, but the web servers cannot
communicate with each other.
(Optional) To set the speed, enter the following command:
Step 4
hostname(config-if)# speed {auto | 10 | 100}
The auto setting is the default. If you set the speed to anything other than auto on PoE ports Ethernet
0/6 or 0/7, then Cisco IP phones and Cisco wireless access points that do not support IEEE 802.3af will
not be detected and supplied with power.
(Optional) To set the duplex, enter the following command:
Step 5
hostname(config-if)# duplex {auto | full | half}
The auto setting is the default. If you set the duplex to anything other than auto on PoE ports Ethernet
0/6 or 0/7, then Cisco IP phones and Cisco wireless access points that do not support IEEE 802.3af will
not be detected and supplied with power.
To enable the switch port, if it is not already enabled, enter the following command:
Step 6
hostname(config-if)# no shutdown
To disable the switch port, enter the shutdown command.
The following example configures five VLAN interfaces. The fourth backup-isp interface only allows
through traffic when the primary interface is down. The fifth faillink VLAN interface is for failover.
hostname(config)# interface vlan 100
hostname(config-if)# nameif outside
hostname(config-if)# security-level 0
hostname(config-if)# ip address 10.1.1.1 255.255.255.0
hostname(config-if)# backup interface vlan 400
hostname(config-if)# no shutdown
hostname(config-if)# interface vlan 200
hostname(config-if)# nameif inside
hostname(config-if)# security-level 100
hostname(config-if)# ip address 10.2.1.1 255.255.255.0
hostname(config-if)# no shutdown
hostname(config-if)# interface vlan 300
hostname(config-if)# nameif dmz
hostname(config-if)# security-level 50
hostname(config-if)# ip address 10.3.1.1 255.255.255.0
hostname(config-if)# no shutdown
hostname(config-if)# interface vlan 400
hostname(config-if)# nameif backup-isp
hostname(config-if)# security-level 50
hostname(config-if)# ip address 10.1.2.1 255.255.255.0
hostname(config-if)# no shutdown
hostname(config-if)# failover lan faillink vlan500
hostname(config)# failover interface ip faillink 10.4.1.1 255.255.255.0 standby 10.4.1.2
255.255.255.0
hostname(config)# interface ethernet 0/0
hostname(config-if)# switchport access vlan 100
hostname(config-if)# no shutdown
Cisco Security Appliance Command Line Configuration Guide
4-10
Chapter 4
Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance
OL-10088-01
Advertisement
Table of Contents
Troubleshooting
