Cisco PIX 500 Series Configuration Manual page 124

Configuring Interface Parameters
In multiple context mode, enter the mapped_name if one was assigned using the allocate-interface
command.
The physical_interface ID includes the type, slot, and port number as type [slot/]port. The physical
interface types include the following:
ethernet
•
gigabitethernet
•
management (ASA 5500 only)
•
For the PIX 500 series security appliance, enter the type followed by the port number, for example,
ethernet 0.
For the ASA 5500 series adaptive security appliance, enter the type followed by slot/port, for example,
gigabitethernet 0/1. Interfaces that are built into the chassis are assigned to slot 0, while interfaces on
the 4GE SSM are assigned to slot 1. The ASA 5550 adaptive security appliance has two banks of ports;
the bank on the left is slot 1 and the bank on the right is slot 0.
Note
The ASA 5500 management interface is a Fast Ethernet interface designed for management traffic only,
and is specified as management 0/0. You can, however, use it for through traffic if desired (see the
management-only command). In transparent firewall mode, you can use the management interface (for
management purposes) in addition to the two interfaces allowed for through traffic. You can also add
subinterfaces to the management interface to provide management in each security context for multiple
context mode.
For example, enter the following command:
hostname(config)# interface gigabitethernet 0/1.1
To name the interface, enter the following command:
Step 2
hostname(config-if)# nameif name
The name is a text string up to 48 characters, and is not case-sensitive. You can change the name by
reentering this command with a new value. Do not enter the no form, because that command causes all
commands that refer to that name to be deleted.
To set the security level, enter the following command:
Step 3
hostname(config-if)# security-level number
Where number is an integer between 0 (lowest) and 100 (highest).
Step 4 (Optional) To set an interface to management-only mode, enter the following command:
hostname(config-if)# management-only
The ASA 5510 and higher adaptive security appliance includes a dedicated management interface called
Management 0/0, which is meant to support traffic to the security appliance. However, you can configure
any interface to be a management-only interface using the management-only command. Also, for
Management 0/0, you can disable management-only mode so the interface can pass through traffic just
like any other interface.
Cisco Security Appliance Command Line Configuration Guide
7-4
For the ASA 5550 adaptive security appliance, for maximum throughput, be sure to balance your
traffic over the two interface slots; for example, assign the inside interface to slot 1 and the
outside interface to slot 0.
Chapter 7 Configuring Interface Parameters
OL-12172-03