Configuring A Switch Port As A Trunk Port - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 4
Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance
hostname(config-if)# interface ethernet 0/1
hostname(config-if)# switchport access vlan 200
hostname(config-if)# no shutdown
hostname(config-if)# interface ethernet 0/2
hostname(config-if)# switchport access vlan 300
hostname(config-if)# no shutdown
hostname(config-if)# interface ethernet 0/3
hostname(config-if)# switchport access vlan 400
hostname(config-if)# no shutdown
hostname(config-if)# interface ethernet 0/4
hostname(config-if)# switchport access vlan 500
hostname(config-if)# no shutdown
hostname(config-if)# route outside 0 0 10.1.1.2 1
hostname(config)# route backup-isp 0 0 10.1.2.2 2
You might assign multiple switch ports to the primary or backup VLANs if the Internet access device
Note
includes Layer 2 redundancy.
Configuring a Switch Port as a Trunk Port
By default, all switch ports are shut down. This procedure tells how to create a trunk port that can carry
multiple VLANs using 802.1Q tagging. Trunk mode is available only with the Security Plus license. You
can configure only one trunk port.
To create an access port, where an interface is assigned to only one VLAN, see the
Ports as Access Ports" section on page
By default, the speed and duplex for switch ports are set to auto-negotiate. The default auto-negotiation
setting also includes the Auto-MDI/MDIX feature. Auto-MDI/MDIX eliminates the need for crossover
cabling by performing an internal crossover when a straight cable is detected during the auto-negotiation
phase. Either the speed or duplex must be set to auto-negotiate to enable Auto-MDI/MDIX for the
interface. If you explicitly set both the speed and duplex to a fixed value, thus disabling auto-negotiation
for both settings, then Auto-MDI/MDIX is also disabled.
To configure a trunk port, perform the following steps:
Step 1
To specify the switch port you want to configure, enter the following command:
hostname(config)# interface ethernet0/port
Where port is 0 through 7. For example, enter the following command:
hostname(config)# interface ethernet0/1
To assign VLANs to this trunk, enter the following command:
Step 2
hostname(config-if)# switchport trunk allowed vlan number1 [number2] [number3]
Where number1, 2, or 3 identifies up to three VLAN IDs, separated by spaces, that you can assign to the
trunk port. The VLAN ID is between 1 and 1001.
This switch port cannot pass traffic until you assign at least one VLAN to it. Trunk ports do not support
untagged packets; there is no native VLAN support, and the adaptive security appliance drops all packets
that do not contain a tag specified in this command.
OL-10088-01
4-9.
Cisco Security Appliance Command Line Configuration Guide
Configuring a Switch Port as a Trunk Port
"Configuring Switch
4-11
Advertisement
Table of Contents
Troubleshooting
