Cisco Systems OL-16647-01 Network Router User Manual

Open as PDF

of 1230

9-4

Cisco ASDM User Guide

OL-16647-01

Chapter 9 Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance

Interface Overview

Default Interface Configuration

If your adaptive security appliance includes the default factory configuration, your interfaces are

configured as follows:

• The outside interface (security level 0) is VLAN 2.

Ethernet0/0 is assigned to VLAN 2 and is enabled.

The VLAN 2 IP address is obtained from the DHCP server.

• The inside interface (security level 100) is VLAN 1

Ethernet 0/1 through Ethernet 0/7 are assigned to VLAN 1 and is enabled.

VLAN 1 has IP address 192.168.1.1.

Restore the default factory configuration using the configure factory-default command.

Use the procedures in this chapter to modify the default configuration, for example, to add VLAN

interfaces.

If you do not have a factory default configuration, all switch ports are in VLAN 1, but no other

parameters are configured.

VLAN MAC Addresses

In routed firewall mode, all VLAN interfaces share a MAC address. Ensure that any connected switches

can support this scenario. If the connected switches require unique MAC addresses, you can manually

assign MAC addresses.

In transparent firewall mode, each VLAN has a unique MAC address. You can override the generated

MAC addresses if desired by manually assigning MAC addresses.

Power Over Ethernet

Ethernet 0/6 and Ethernet 0/7 support PoE for devices such as IP phones or wireless access points. If you

install a non-PoE device or do not connect to these switch ports, the adaptive security appliance does not

supply power to the switch ports.

If you shut down the switch port from the Edit Switch Port dialog box, you disable power to the device.

Power is restored when you enter reenable it.

To view the status of PoE switch ports, including the type of device connected (Cisco or IEEE 802.3af),

use the show power inline command.

Monitoring Traffic Using SPAN

If you want to monitor traffic that enters or exits one or more switch ports, you can enable SPAN, also

known as switch port monitoring. The port for which you enable SPAN (called the destination port)

receives a copy of every packet transmitted or received on a specified source port. The SPAN feature lets

you attach a sniffer to the destination port so you can monitor all traffic; without SPAN, you would have

to attach a sniffer to every port you want to monitor. You can only enable SPAN for one destination port.

previous next

Top Automotive Device Types

Top Automotive Brands

Top Baby Care Device Types

Top Baby Care Brands

Top Car Audio & Video Device Types

Top Car Audio & Video Brands

Top Cellphone Device Types

Top Cellphone Brands

Top Communications Device Types

Top Communications Brands

Top Computer Device Types

Top Computer Brands

Top Fitness Device Types

Top Fitness Brands

Top Home Audio Device Types

Top Home Audio Brands

Top Household Appliance Device Types

Top Household Appliance Brands

Top Kitchen Appliance Device Types

Top Kitchen Appliance Brands

Top Laundry Appliance Device Types

Top Laundry Appliance Brands

Top Lawn & Garden Device Types

Top Lawn & Garden Brands

Top Marine Equipment Device Types

Top Marine Equipment Brands

Top Musical Instrument Device Types

Top Musical Instrument Brands

Top Outdoor Cooking Device Types

Top Outdoor Cooking Brands

Top Personal Care Device Types

Top Personal Care Brands

Top Photography Device Types

Top Photography Brands

Top Portable Media Device Types

Top Portable Media Brands

Top Power Tools Device Types

Top Power Tools Brands

Top TV and Video Device Types

Top TV and Video Brands

Top Videogame Device Types

Top Videogame Brands

Cisco Systems OL-16647-01 Network Router User Manual