In the above topology, we have 2 vlans. How do we configure the ASA's G0/1 interface to support these ?
ASA(config)#interface gig0/1.1
ASA(config-subif)#vlan 10 /*enable trunk on the subinterface g0/1.1 and mappe it to vlan 10 */
ASA(config-subif)#exit
ASA(config)#interface gig0/1.2
ASA(config-subif)#vlan 20 /*enable trunk on the subinterface g0/1.2 and mappe it to vlan 20 */
Configure subinterfaces on Cisco ASA and mappe each to a vlan for ASA 5505
If you need to carry multiple VLANs traffic over a link to a neighbring swith :
- create the individual VLANs
(config)#interface vlan x - configure an ASA 5505 physical interface as VLAN trunk link AND allow specific VLANs to be carried over the above specified trunk link (by default no vlans are permitted to be carried over a trunk link)
(config)#interface "interface-name"
(config-if)#swithport mode trunk
(config-if)#switchport trunk allowed vlan x
(config)#interface vlan 10
(config-if)#exit
(config)#interface vlan 20
(config-if)#exit
(config)#interface ethernet0/5
(config-if)#switchport mode trunk
(config-if)#swichport trunk allowed vlan 10,20
Note that Cisco ASA interfaces or sub-interfaces must be configured with the following to be operational :
- interface name
- ip address and subnet mask
- security level
I will be honored to read your comment about this post. Please feel free to leave one ☺ And if you have a Cisco IOS, Firewall ASA Or Mircrosoft server infrastructure topic you would like me to add in this blog, i will be more than happy to know which one ☺
-------------------------------------------------------------------------------------------------------
No comments:
Post a Comment