Cisco Systems ASA 5540 Network Router User Manual


  Open as PDF
of 2086
 
13-4
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 13 Starting Interface Configuration (ASA 5505)
Licensing Requirements for ASA 5505 Interfaces
VLAN MAC Addresses
Routed firewall mode—All VLAN interfaces share a MAC address. Ensure that any connected
switches can support this scenario. If the connected switches require unique MAC addresses, you
can manually assign MAC addresses. See the “Configuring the MAC Address and MTU” section on
page 14-12.
Transparent firewall mode—Each VLAN has a unique MAC address. You can override the generated
MAC addresses if desired by manually assigning MAC addresses. See the “Configuring the MAC
Address and MTU” section on page 15-14.
Power over Ethernet
Ethernet 0/6 and Ethernet 0/7 support PoE for devices such as IP phones or wireless access points. If you
install a non-PoE device or do not connect to these switch ports, the ASA does not supply power to the
switch ports.
If you shut down the switch port, you disable power to the device. Power is restored when you enable
the portd. See the “Configuring and Enabling Switch Ports as Access Ports” section on page 13-8 for
more information about shutting down a switch port.
Monitoring Traffic Using SPAN
If you want to monitor traffic that enters or exits one or more switch ports, you can enable SPAN, also
known as switch port monitoring. The port for which you enable SPAN (called the destination port)
receives a copy of every packet transmitted or received on a specified source port. The SPAN feature lets
you attach a sniffer to the destination port so you can monitor all traffic; without SPAN, you would have
to attach a sniffer to every port you want to monitor. You can only enable SPAN for one destination port.
You can only enable SPAN monitoring using the Command Line Interface tool by entering the
switchport monitor command. See the switchport monitor command in the command reference for
more information.
Auto-MDI/MDIX Feature
All ASA 5505 interfaces include the Auto-MDI/MDIX feature. Auto-MDI/MDIX eliminates the need
for crossover cabling by performing an internal crossover when a straight cable is detected during the
auto-negotiation phase. You cannot disable Auto-MDI/MDIX.
Licensing Requirements for ASA 5505 Interfaces