8-8
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 8 Configuring Interfaces
Default Settings
• In transparent mode on a per interface basis, you can only configure the link-local address; you
configure the global address as the management address for the entire unit, but not per interface.
Because configuring the management global IP address automatically configures the link-local
addresses per interface, the only IPv6 configuration you need to perform is to set the management
IP address according to the “Configuring the IPv6 Address” section on page 9-16.
Model Guidelines
Subinterfaces are not available for the ASA 5505 adaptive security appliance.
Default Settings
This section lists default settings for interfaces if you do not have a factory default configuration. For
information about the factory default configurations, see the “Factory Default Configurations” section
on page 2-5.
Default Security Level
The default security level is 0. If you name an interface “inside” and you do not set the security level
explicitly, then the adaptive security appliance sets the security level to 100.
Note If you change the security level of an interface, and you do not want to wait for existing connections to
time out before the new security information is used, you can clear the connections using the
clear local-host command.
Default State of Interfaces
The default state of an interface depends on the type and the context mode.
In multiple context mode, all allocated interfaces are enabled by default, no matter what the state of the
interface is in the system execution space. However, for traffic to pass through the interface, the interface
also has to be enabled in the system execution space. If you shut down an interface in the system
execution space, then that interface is down in all contexts that share it.
In single mode or in the system execution space, interfaces have the following default states:
• Physical interfaces and switch ports—Disabled.
• Redundant Interfaces—Enabled. However, for traffic to pass through the redundant interface, the
member physical interfaces must also be enabled.
• Subinterfaces or VLANs—Enabled. However, for traffic to pass through the subinterface, the
physical interface must also be enabled.
Default Speed and Duplex
• By default, the speed and duplex for copper (RJ-45) interfaces are set to auto-negotiate.
• The fiber interface for the ASA 5550 and the 4GE SSM has a fixed speed and does not support
duplex, but you can set the interface to negotiate link parameters (the default) or not to negotiate.
• For fiber interfaces for the ASA 5580, the speed is set for automatic link negotiation.
Default Connector Type
The ASA 5550 adaptive security appliance and the 4GE SSM for the ASA 5510 and higher adaptive
security appliance include two connector types: copper RJ-45 and fiber SFP. RJ-45 is the default. You
can configure the adaptive security appliance to use the fiber SFP connectors.