Trunk port example – Cisco ASA 5505 User Manual

Page 290

Advertising
background image

7-12

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 7 Starting Interface Configuration (ASA 5505)

Configuration Examples for ASA 5505 Interfaces

hostname(config-if)# no shutdown

hostname(config-if)# interface ethernet 0/2

hostname(config-if)# switchport access vlan 300

hostname(config-if)# no shutdown

hostname(config-if)# interface ethernet 0/3

hostname(config-if)# switchport access vlan 400

hostname(config-if)# no shutdown

hostname(config-if)# interface ethernet 0/4

hostname(config-if)# switchport access vlan 500

hostname(config-if)# no shutdown

Trunk Port Example

The following example configures seven VLAN interfaces, including the failover interface which is
configured using the failover lan command. VLANs 200, 201, and 202 are trunked on Ethernet 0/1.

hostname(config)# interface vlan 100

hostname(config-if)# nameif outside

hostname(config-if)# security-level 0

hostname(config-if)# ip address 10.1.1.1 255.255.255.0

hostname(config-if)# no shutdown

hostname(config-if)# interface vlan 200

hostname(config-if)# nameif inside

hostname(config-if)# security-level 100

hostname(config-if)# ip address 10.2.1.1 255.255.255.0

hostname(config-if)# no shutdown

hostname(config-if)# interface vlan 201

hostname(config-if)# nameif dept1

hostname(config-if)# security-level 90

hostname(config-if)# ip address 10.2.2.1 255.255.255.0

hostname(config-if)# no shutdown

hostname(config-if)# interface vlan 202

hostname(config-if)# nameif dept2

hostname(config-if)# security-level 90

hostname(config-if)# ip address 10.2.3.1 255.255.255.0

hostname(config-if)# no shutdown

hostname(config-if)# interface vlan 300

hostname(config-if)# nameif dmz

hostname(config-if)# security-level 50

hostname(config-if)# ip address 10.3.1.1 255.255.255.0

hostname(config-if)# no shutdown

hostname(config-if)# interface vlan 400

hostname(config-if)# nameif backup-isp

hostname(config-if)# security-level 50

hostname(config-if)# ip address 10.1.2.1 255.255.255.0

hostname(config-if)# no shutdown

hostname(config-if)# failover lan faillink vlan500

hostname(config)# failover interface ip faillink 10.4.1.1 255.255.255.0 standby 10.4.1.2

255.255.255.0

hostname(config)# interface ethernet 0/0

hostname(config-if)# switchport access vlan 100

Advertising