Configuring And Enabling Subinterfaces - Cisco FirePOWER ASA 5500 series Configuration Manual
Security appliance command line
Hide thumbs
Also See for FirePOWER ASA 5500 series:
- Datasheet (20 pages) ,
- Configuration manual (1140 pages)
Table of Contents
Advertisement
Chapter 5
Configuring Ethernet Settings and Subinterfaces
physical interface or subinterface to a context, the interfaces are enabled by default in the context.
However, before traffic can pass through the context interface, you must also enable the interface in the
system configuration according to this procedure.
By default, the connectors used on the 4GE SSM or for built-in interfaces in slot 1 on the ASA 5550
adaptive security appliance are the RJ-45 connectors. To use the fiber SFP connectors, you must set the
media type to SFP. The fiber interface has a fixed speed and does not support duplex, but you can set the
interface to negotiate link parameters (the default) or not to negotiate.
To enable the interface, set the media type, or to set negotiation settings, perform the following steps:
To specify the interface you want to configure, enter the following command:
Step 1
hostname(config)# interface gigabitethernet 1/port
The 4GE SSM interfaces are assigned to slot 1, as shown in the interface ID in the syntax (the interfaces
built into the chassis are assigned to slot 0).
To set the media type to SFP, enter the following command:
Step 2
hostname(config-if)# media-type sfp
To restore the defaukt RJ-45, enter the media-type rj45 command.
Step 3
(Optional) To disable link negotiation, enter the following command:
hostname(config-if)# speed nonegotiate
For fiber Gigabit Ethernet interfaces, the default is no speed nonegotiate, which sets the speed to 1000
Mbps and enables link negotiation for flow-control parameters and remote fault information. The speed
nonegotiate command disables link negotiation.
Step 4
To enable the interface, enter the following command:
hostname(config-if)# no shutdown
To disable the interface, enter the shutdown command. If you enter the shutdown command for a
physical interface, you also shut down all subinterfaces. If you shut down an interface in the system
execution space, then that interface is shut down in all contexts that share it.
Configuring and Enabling Subinterfaces
This section describes how to configure and enable a subinterface. You must enable the physical
interface before any traffic can pass through an enabled subinterface (see the
RJ-45 Interfaces" section on page 5-1
page
enabled by default in the context. However, before traffic can pass through the context interface, you
must also enable the interface in the system configuration with this procedure.
Subinterfaces let you divide a physical interface into multiple logical interfaces that are tagged with
different VLAN IDs. Because VLANs allow you to keep traffic separate on a given physical interface,
you can increase the number of interfaces available to your network without adding additional physical
interfaces or security appliances. This feature is particularly useful in multiple context mode so you can
assign unique interfaces to each context.
To determine how many subinterfaces are allowed for your platform, see
and Specifications."
OL-10088-01
5-2). For multiple context mode, if you allocate a subinterface to a context, the interfaces are
or the
"Configuring and Enabling Fiber Interfaces" section on
Cisco Security Appliance Command Line Configuration Guide
Configuring and Enabling Subinterfaces
"Configuring and Enabling
Appendix A, "Feature Licenses
5-3
Advertisement
Table of Contents
Troubleshooting
