Filter
Top Products
8-9
Cisco ASDM User Guide
OL-16647-01
Chapter 8 Configuring Interfaces in Multiple Mode
Configuring Interface Parameters within each Context (Multiple Mode)
Without NAT control, or for same security interfaces, you can choose to use NAT between any
interface, or you can choose not to use NAT. Keep in mind that configuring NAT for an outside
interface might require a special keyword.
• established command—This command allows return connections from a lower security host to a
higher security host if there is already an established connection from the higher level host to the
lower level host.
For same security interfaces, you can configure established commands for both directions.
Configuring Interface Parameters in each Context (Multiple Mode)
To add or edit an interface, perform the following steps.
Step 1 In the Configuration > Device List pane, double-click the context name under the active device
IP address > Contexts.
Step 2 On the Device Setup > Interfaces pane, click an interface that you want to configure, and click Edit.
The Add/Edit Interface dialog box appears with the General tab selected.
Step 3 In the Interface Name field, enter a name up to 48 characters in length.
Step 4 In the Security level field, enter a level between0 (lowest) and 100 (highest).
See the “Default Security Level” section on page 8-8 for more information.
Step 5 (Optional) To set this interface as a management-only interface, check Dedicate this interface to
management-only.
Through traffic is not accepted on a management-only interface.
Step 6 If the interface is not already enabled, check Enable Interface.
The interface is enabled by default. To disable it, uncheck the box.
Step 7 To set the IP address, use one of the following options.
In routed firewall mode, set the IP address for all interfaces. In transparent firewall mode, do not set the
IP address for each interface, but rather set it for the whole security appliance or context. The exception
is for the Management 0/0 management-only interface, which does not pass through traffic. To set the
transparent firewall mode whole security appliance or context management IP address, see the
Management IP Address pane. To set the IP address of the Management 0/0 interface or subinterface,
use this procedure.
For use with failover, you must set the IP address and standby address manually; DHCP is not supported.
Set the standby IP addresses on the Configuration > Device Management > High Availability > Failover
> Interfaces tab.
• To set the IP address manually, click Use Static IP and enter the IP address and mask.
• To obtain an IP address from a DHCP server, click Obtain Address via DHCP.
a. (Optional) To obtain the default route from the DHCP server, check Obtain Default Route
Using DHCP.
b. (Optional) To renew the lease, click Renew DHCP Lease.
Step 8 (Optional) In the Description field, enter a description for this interface.