Configuring general interface parameters – Cisco ASA 5505 User Manual

Page 318

Advertising
background image

9-8

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 9 Completing Interface Configuration (Transparent Mode)

Completing Interface Configuration in Transparent Mode

Detailed Steps

Examples

The following example sets the management address and standby address of bridge group 1:

hostname(config)# interface bvi 1

hostname(config-if)# ip address 10.1.3.1 255.255.255.0 standby 10.1.3.2

What to Do Next

Configure general interface parameters. See the

“Configuring General Interface Parameters” section on

page 9-8

.

Configuring General Interface Parameters

This procedure describes how to set the name, security level, and bridge group for each transparent
interface.

To configure a separate management interface, see the

“Configuring a Management Interface (ASA 5510

and Higher)” section on page 9-11

.

For the ASA 5510 and higher, you must configure interface parameters for the following interface types:

Physical interfaces

VLAN subinterfaces

Redundant interfaces

EtherChannel interfaces

Command

Purpose

Step 1

interface bvi

bridge_group_number

Example:

hostname(config)# interface bvi 1

Creates a bridge group, where bridge_group_number is an integer
between 1 and 100.

Step 2

ip address

ip_address [mask]

[standby ip_address]

Example:

hostname(config-if)# ip address 10.1.3.1

255.255.255.0 standby 10.1.3.2

Specifies the management IP address for the bridge group.

Do not assign a host address (/32 or 255.255.255.255) to the
bridge group. Also, do not use other subnets that contain fewer
than 3 host addresses (one each for the upstream router,
downstream router, and transparent firewall) such as a /30 subnet
(255.255.255.252). The ASA drops all ARP packets to or from the
first and last addresses in a subnet. Therefore, if you use a /30
subnet and assign a reserved address from that subnet to the
upstream router, then the ASA drops the ARP request from the
downstream router to the upstream router.

The ASA does not support traffic on secondary networks; only
traffic on the same network as the management IP address is
supported.

The standby keyword and address is used for failover.

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals