Cisco ASA Series Cli Configuration Manual page 444
Software version 9.0 for the services module
Hide thumbs
Also See for ASA Series:
- Configuration manual (429 pages) ,
- Getting started (31 pages) ,
- Mount and connect (12 pages)
Table of Contents
Advertisement
Information About ASA 5505 Interfaces
Understanding ASA 5505 Ports and Interfaces
The ASA 5505 supports a built-in switch. There are two kinds of ports and interfaces that you need to
configure:
•
•
To segregate the switch ports into separate VLANs, you assign each switch port to a VLAN interface.
Switch ports on the same VLAN can communicate with each other using hardware switching. But when
a switch port on VLAN 1 wants to communicate with a switch port on VLAN 2, then the ASA applies
the security policy to the traffic and routes or bridges between the two VLANs.
Maximum Active VLAN Interfaces for Your License
In routed mode, you can configure the following VLANs depending on your license:
•
•
In transparent firewall mode, you can configure the following VLANs depending on your license:
•
•
Note
An active VLAN is a VLAN with a nameif command configured.
Cisco ASA Series CLI Configuration Guide
1-2
Physical switch ports—The ASA has 8 Fast Ethernet switch ports that forward traffic at Layer 2,
using the switching function in hardware. Two of these ports are PoE ports. See the
Ethernet" section on page 1-4
user equipment such as PCs, IP phones, or a DSL modem. Or you can connect to another switch.
Logical VLAN interfaces—In routed mode, these interfaces forward traffic between VLAN
networks at Layer 3, using the configured security policy to apply firewall and VPN services. In
transparent mode, these interfaces forward traffic between the VLANs on the same network at Layer
2, using the configured security policy to apply firewall services. See the
Interfaces for Your License"
VLAN interfaces let you divide your equipment into separate VLANs, for example, home, business,
and Internet VLANs.
Base license—3 active VLANs. The third VLAN can only be configured to initiate traffic to one
other VLAN. See
Figure 1-1
Security Plus license—20 active VLANs.
Base license—2 active VLANs in 1 bridge group.
Security Plus license—3 active VLANs: 2 active VLANs in 1 bridge group, and 1 active VLAN for
the failover link.
Chapter 1
for more information. You can connect these interfaces directly to
section for more information about the maximum VLAN interfaces.
for more information.
Starting Interface Configuration (ASA 5505)
"Power over
"Maximum Active VLAN
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
