Cisco ASA 5505 User Manual
Page 220
 
5-20
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 5 Configuring Multiple Context Mode
Configuring Multiple Contexts
Step 3
To allocate a physical interface:
allocate-interface
physical_interface
[mapped_name] [visible | invisible]
To allocate one or more subinterfaces:
allocate-interface
physical_interface.subinterface[-physical_
interface.subinterface]
[mapped_name[-mapped_name]] [visible |
invisible
]
Example:
hostname(config-ctx)# allocate-interface
gigabitethernet0/1.100 int1
hostname(config-ctx)# allocate-interface
gigabitethernet0/1.200 int2
hostname(config-ctx)# allocate-interface
gigabitethernet0/2.300-gigabitethernet0/2.
305 int3-int8
Specifies the interfaces you can use in the context. Do not include 
a space between the interface type and the port number.
Enter these commands multiple times to specify different ranges. 
If you remove an allocation with the no form of this command, 
then any context commands that include this interface are 
removed from the running configuration.
Transparent firewall mode allows a limited number of interfaces 
to pass through traffic; however, you can use a dedicated 
management interface, Management slot/port, (physical, 
subinterface, redundant, or EtherChannel) as an additional 
interface for management traffic. The management interface for 
transparent mode does not flood a packet out the interface when 
that packet is not in the MAC address table.
You can assign the same interfaces to multiple contexts in routed 
mode, if desired.
The mapped_name is an alphanumeric alias for the interface that 
can be used within the context instead of the interface ID. If you 
do not specify a mapped name, the interface ID is used within the 
context. For security purposes, you might not want the context 
administrator to know which interfaces are being used by the 
context. A mapped name must start with a letter, end with a letter 
or digit, and have as interior characters only letters, digits, or an 
underscore. For example, you can use the following names:
int0, inta, int_0
If you specify a range of subinterfaces, you can specify a 
matching range of mapped names. Follow these guidelines for 
ranges:
•
The mapped name must consist of an alphabetic portion 
followed by a numeric portion. The alphabetic portion of the 
mapped name must match for both ends of the range. For 
example, enter the following range:
int0-int10
If you enter
gig0/1.1-gig0/1.5 happy1-sad5
, for example,
the command fails.
•
The numeric portion of the mapped name must include the 
same quantity of numbers as the subinterface range. For 
example, both ranges include 100 interfaces:
gigabitethernet0/0.100-gigabitethernet0/0.199
int1-int100
If you enter
gig0/0.100-gig0/0.199 int1-int15
, for
example, the command fails.
Specify visible to see the real interface ID in the show interface 
command if you set a mapped name. The default invisible 
keyword shows only the mapped name.
Command
Purpose