Maximum Number And Types Of Vlans - Cisco ASA 5505 Getting Started Manual

Chapter 2 Planning for a VLAN Configuration

Maximum Number and Types of VLANs

Table 2-1 License Restrictions on Active VLANs
License Type Mode
Base License
Transparent Mode
Routed Mode
78-17612-01
In this example, devices in both the Home Office and Internet VLANs can
communicate with all three web servers, and vice versa. However, devices in the
Web Services VLAN are serving content for different companies, so the VLAN
is configured so that they are unable to communicate with each other.
Devices in the Web Services VLAN are publicly accessible to HTTP clients on
the Internet. Because devices in the Home Office VLAN should not be accessible
to clients on the Internet, they are in a separate VLAN.
The Web Services VLAN is considered a demilitarized zone (DMZ) because it is
a neutral zone between two networks; that is, it is accessible both to HTTP clients
on the Internet and devices in the Business VLAN.
Your license determines how many VLANs that you can have active on the ASA
5505. You can configure as many VLANs as you want as long as you limit the
number of active VLANs to comply with your license.
With the Base license, communication between the Business VLAN and the
Personal VLAN is limited: the Business VLAN is permitted to send traffic to the
Personal VLAN, but the Personal VLAN is not permitted to send traffic to the
Business VLAN.
The Security Plus license removes this limitation, thus enabling a full DMZ
configuration.
Table 2-1 lists the number and types of connections supported by each license.
Maximum Number and Types of VLANs
Connections
Up to two active VLANs.
Up to three active VLANs. One of these VLANs
can only be configured to initiate traffic to the
Internet.
Cisco ASA 5505 Getting Started Guide
2-7