About Physical Ports On The Asa 5505; About Vlans - Cisco ASA 5505 Getting Started Manual

Adaptive security appliance

Hide thumbs Also See for ASA 5505:

Configuration manual (1822 pages)

Getting started manual (168 pages)

Administrator's manual (118 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

page of 114

/ 114
Contents
Table of Contents
Bookmarks

Table of Contents

Understanding VLANs on the ASA 5505

About Physical Ports on the ASA 5505

About VLANs

Cisco ASA 5505 Getting Started Guide

3-2

Maximum Number and Types of VLANs, page 3-3

•

Basic Deployment Using Two VLANs, page 3-5

•

DMZ Deployment, page 3-7

•

Teleworker Deployment Using Three VLANs, page 3-8

•

The ASA 5505 has a built-in switch with eight Fast Ethernet ports, called switch

ports. Two of the eight physical ports are Power Over Ethernet (PoE) ports. You

can connect PoE ports directly to user equipment such as PCs, IP phones, or a

DSL modem. You can also connect to another switch. For more information, see

Ports and LEDs, page

You can divide the eight physical ports into groups, called VLANs, that function

as separate networks. This enables you to improve the security of your business

because devices in different VLANs can only communicate with each other by

passing the traffic through the adaptive security appliance where relevant security

policies are applied.

The ASA 5505 comes preconfigured with two VLANs: VLAN1 and VLAN2. By

default, Ethernet switch port 0/0 is allocated to VLAN2. All other switch ports are

allocated by default to VLAN1.

Physical ports on the same VLAN communicate with each other using hardware

switching. VLANs communicate with each other using routes and bridges. For

example, when a switch port on VLAN1 is communicating with a switch port on

VLAN2, the adaptive security appliance applies configured security policies to

the traffic and routes or bridges the traffic between the two VLANs.

To impose strict access control and provide protection of sensitive devices, you

can apply security policies to VLANs that restrict communications between

VLANs. You can also apply security policies to individual ports. You might want

to apply security policies at the port level if, for example, there are two ports on

the same VLAN connecting devices that you do not want to be able to

communicate with each other.

Chapter 3

4-9.

Planning for a VLAN Configuration

78-17612-02

Table of Contents

Show Quick Links

Quick Links:
Chapter 1 Before You Begin

Hide quick links:

Table of Contents

About Physical Ports On The Asa 5505; About Vlans - Cisco ASA 5505 Getting Started Manual

About Physical Ports on the ASA 5505

About VLANs

Hide quick links:

Related Manuals for Cisco ASA 5505

Related Content for Cisco ASA 5505

Table of Contents