Filter
Top Products
7-5
Cisco ASDM User Guide
OL-16647-01
Chapter 7 Configuring Interfaces in Single Mode
Configuring an Interface (Single Mode)
• Filtering—HTTP(S) and FTP filtering applies only for outbound connections (from a higher level
to a lower level).
For same security interfaces, you can filter traffic in either direction.
• NAT control—When you enable NAT control, you must configure NAT for hosts on a higher security
interface (inside) when they access hosts on a lower security interface (outside).
Without NAT control, or for same security interfaces, you can choose to use NAT between any
interface, or you can choose not to use NAT. Keep in mind that configuring NAT for an outside
interface might require a special keyword.
• established command—This command allows return connections from a lower security host to a
higher security host if there is already an established connection from the higher level host to the
lower level host.
If you enable communication between same security interfaces, you can configure established
commands for both directions.
Configuring an Interface (Single Mode)
To configure an interface, perform the following steps. For overview information, see the “Interface
Overview” section on page 7-1.
Note If you are using failover, do not use this procedure to name interfaces that you are reserving for failover
and Stateful Failover communications. See Chapter 15, “High Availability.” to configure the failover and
state links. You can, however, set physical interface properties such as the speed and duplex using this
procedure.
Step 1 Go to the Configuration > Device Setup > Interfaces pane.
By default, all physical interfaces are listed. You can edit a physical interface, or you can add a
subinterface or redundant interface.
• To edit a physical interface or any other existing interface, choose the interface row, and click Edit.
The Edit Interface dialog box appears with the General tab selected.
• To add and configure a subinterface, perform the following steps:
a. Click Add > Interface.
The Add Interface dialog box appears with the General tab selected.
b. From the Hardware Port drop-down list, choose the physical interface to which you want to add
the subinterface.
c. In the VLAN ID field, enter the VLAN ID between 1 and 4095.
Some VLAN IDs might be reserved on connected switches, so check the switch documentation
for more information.
d. In the Subinterface ID field, enter the subinterface ID as an integer between 1 and 4294967293.
The number of subinterfaces allowed depends on your platform. You cannot change the ID after
you set it.
e. Continue configuring the interface by following Step 2.
• To add and configure a redundant interface, perform the following steps: