8-22
Cisco ASA 5500 Series Configuration Guide using ASDM
OL-20339-01
Chapter 8 Configuring Interfaces
Completing Interface Configuration (All Models)
Configuring General Interface Parameters
This procedure describes how to set the name, security level, IPv4 address and other options.
For the ASA 5510 and higher, you must configure interface parameters for the following interface types:
• Physical interfaces
• VLAN subinterfaces
• Redundant interfaces
For the ASA 5505, you must configure interface parameters for the following interface types:
• VLAN interfaces
Guidelines and Limitations
• For the ASA 5550 adaptive security appliance, for maximum throughput, be sure to balance your
traffic over the two interface slots; for example, assign the inside interface to slot 1 and the outside
interface to slot 0.
• For information about security levels, see the “Security Levels” section on page 8-5.
• If you are using failover, do not use this procedure to name interfaces that you are reserving for
failover and Stateful Failover communications. See the “Configuring Active/Standby Failover”
section on page 59-6 or the “Configuring Active/Active Failover” section on page 60-8 to configure
the failover and state links.
• In routed firewall mode, set the IP address for all interfaces.
• In transparent firewall mode, do not set the IP address for each interface, but rather set it for the
whole adaptive security appliance or context. The exception is for the Management 0/0 or 0/1
management-only interface, which does not pass through traffic. To set the transparent firewall
mode whole adaptive security appliance or context management IP address, see the “Setting the
Management IP Address for a Transparent Firewall” section on page 9-14. To set the IP address of
the Management 0/0 or 0/1 interface or subinterface, use this procedure.
Restrictions
PPPoE is not supported in multiple context mode or transparent firewall mode.
Information About the Management Interface
The ASA 5510 and higher adaptive security appliance includes a dedicated management interface called
Management 0/0 or Management 0/1, depending on your model, which is meant to support traffic to the
adaptive security appliance. However, you can configure any interface to be a management-only
interface. Also, for Management 0/0 or 0/1, you can disable management-only mode so the interface can
pass through traffic just like any other interface.
Transparent firewall mode allows only two interfaces to pass through traffic; however, on the ASA 5510
and higher adaptive security appliance, you can use the Management 0/0 or 0/1 interface (either the
physical interface or a subinterface) as a third interface for management traffic. The mode is not
configurable in this case and must always be management-only.
Prerequisites
• Complete the procedures in the “Starting Interface Configuration (ASA 5510 and Higher)” section
on page 8-9 or the “Starting Interface Configuration (ASA 5505)” section on page 8-16.
To Next Page
Loading...
Need help?
General
