Interface Management

Choose Configuration > Features > Interfaces to set up the physical interfaces and to create sub-interfaces. Select the interface you want to modify and click Edit to specify the interface parameters. In Figure 18-13, GigabitEthernet0/2 is being set up as a DMZ interface with a security level of 50 and an IP address of 209.165.201.1/27. If you click Configure Hardware Properties, you can set the duplex and speed manually.

Figure 18-13. Interfaces Configuration Screen

Note

ASDM does not support assigning IPv6 addresses to the interfaces.

To create a sub-interface, click Add under Configuration > Features > Interfaces and select the physical interface from the Hardware Port drop-down menu. Specify the interface name, VLAN ID, sub-interface ID, security level, and an IP address to complete the sub-interface setup, as shown in Figure 18-14. A new sub-interface is being created on the GigabitEthernet0/3 physical interface with a sub-interface and VLAN ID of 200. The interface name is Web and a security level of 20 is assigned to it. The IP address is being assigned from a DHCP server.

Figure 18-14. Sub-interface Configuration Screen

Example 18-5 shows the relevant configuration that ASDM pushes to the security Cisco ASA when a sub-interface is set up.

Example 18-5. Configuration of a Sub-interface

Interface GigabitEthernet0/3.200

 vlan 200

 no shutdown

 nameif Web

 security-level 20

 ip address dhcp






Cisco Asa(c) All-in-one Firewall, IPS, And VPN Adaptive Security Appliance
Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
ISBN: 1587052091
EAN: 2147483647
Year: 2006
Pages: 231
Simiral book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net