Filter
Top Products
9-8
Cisco ASDM User Guide
OL-16647-01
Chapter 9 Configuring Switch Ports and VLAN Interfaces for the Cisco ASA 5505 Adaptive Security Appliance
Configuring VLAN Interfaces
Add/Edit Interface > General
The Add/Edit Interface > General tab lets you add or edit a VLAN interface.
If you intend to use an interface for failover, do not configure the interface in this dialog box; instead,
use the Failover: Setup tab. In particular, do not set the interface name, as this parameter disqualifies the
interface from being used as the failover link; other parameters are ignored.
If you enabled Easy VPN, you cannot edit the security level or interface name. We suggest that you
finalize your interface configuration before you enable Easy VPN.
After you assign the interface as the failover link or state link, you cannot edit or delete the interface
from the Interfaces pane. The only exception is if you set a physical interface to be the state link, then
you can configure the speed and duplex.
Fields
• Switch Ports—Assigns switch ports to this VLAN interface.
–
Available Switch Ports—Lists all switch ports, even if they are currently assigned to a different
interface.
–
Selected Switch Ports—Lists the switch ports assigned to this interface.
–
Add—Adds a selected switch port to the interface. You see the following message:
“switchport is associated with name interface. Adding it to this interface, will remove it from
name interface. Do you want to continue?”
Click OK to add the switch port.
You will always see this message when adding a switch port to an interface; switch ports are
assigned to the VLAN 1 interface by default even when you do not have any configuration.
–
Remove—Removes a switch port from an interface. Because the default VLAN interface for
switch ports is VLAN 1, removing a switch port from an interface essentially just reassigns that
switch port to VLAN 1.
• Enable Interface—Enables this interface to pass traffic. In addition to this setting, you need to set
an IP address (for routed mode) and a name before traffic can pass according to your security policy.
• Dedicate this interface to management only—Sets the interface to accept traffic to the security
appliance only, and not through traffic. You cannot set a primary or backup ISP interface to be
management only.
• Interface Name—Sets an interface name up to 48 characters in length.
• Security Level—Sets the security level between 0 (lowest) and 100 (highest).The security appliance
lets traffic flow freely from an inside network to an outside network (lower security level). Many
other security features are affected by the relative security level of two interfaces.
• IP Address—For routed mode only, sets the IP address.
–
Use Static IP—Manually sets the IP address.
IP address—Sets the IP address.
Subnet Mask—Sets the subnet mask.
–
Obtain Address via DHCP—Dynamically sets the IP address using DHCP.
Obtain Default Route Using DHCP—Obtains a default route from the DHCP server so that you
do not need to configure a default static route.
Renew DHCP Lease—Renews the DHCP lease.