Cisco ASA Series Cli Configuration Manual page 450

Software version 9.0 for the services module

Hide thumbs Also See for ASA Series:

Configuration manual (429 pages)

Getting started (31 pages)

Mount and connect (12 pages)

Table of Contents

Starting ASA 5505 Interface Configuration

The ASA 5505 does not support Spanning Tree Protocol for loop detection in the network. Therefore

you must ensure that any connection with the ASA does not end up in a network loop.

Detailed Steps

interface ethernet0/port

hostname(config)# interface ethernet0/1

switchport access vlan number

hostname(config-if)# switchport access

switchport protected

hostname(config-if)# switchport protected

speed {auto | 10 | 100}

hostname(config-if)# speed 100

duplex {auto | full | half}

hostname(config-if)# duplex full

hostname(config-if)# no shutdown

Cisco ASA Series CLI Configuration Guide

Specifies the switch port you want to configure, where port is 0

Assigns this switch port to a VLAN, where number is the VLAN

ID, between 1 and 4090. See the

section on page 1-6

to configure the VLAN interface that you

want to assign to this switch port. To view configured VLANs,

enter the show interface command.

You might assign multiple switch ports to the primary or

backup VLANs if the Internet access device includes

Layer 2 redundancy.

Prevents the switch port from communicating with other

protected switch ports on the same VLAN.

You might want to prevent switch ports from communicating with

each other if the devices on those switch ports are primarily

accessed from other VLANs, you do not need to allow

intra-VLAN access, and you want to isolate the devices from each

other in case of infection or other security breach. For example, if

you have a DMZ that hosts three web servers, you can isolate the

web servers from each other if you apply the switchport

protected command to each switch port. The inside and outside

networks can both communicate with all three web servers, and

vice versa, but the web servers cannot communicate with each

Sets the speed. The auto setting is the default. If you set the speed

to anything other than auto on PoE ports Ethernet 0/6 or 0/7, then

Cisco IP phones and Cisco wireless access points that do not

support IEEE 802.3af will not be detected and supplied with

Sets the duplex. The auto setting is the default. If you set the

duplex to anything other than auto on PoE ports Ethernet 0/6 or

0/7, then Cisco IP phones and Cisco wireless access points that do

not support IEEE 802.3af will not be detected and supplied with

Enables the switch port. To disable the switch port, enter the

shutdown command.

Starting Interface Configuration (ASA 5505)

"Configuring VLAN Interfaces"

Show Quick Links

Chapters

Table of Contents

Troubleshooting

Cisco ASA Series Cli Configuration Manual page 450

Hide quick links:

Chapters

Troubleshooting

Related Manuals for Cisco ASA Series

Related Products for Cisco ASA Series

This manual is also suitable for:

Table of Contents