Deployment Scenarios Using Vlans - Cisco ASA 5505 Getting Started Manual

Deployment Scenarios Using VLANs

Table 3-1 License Restrictions on Active VLANs
License Type Mode
Base Platform
Transparent Mode
Routed Mode
Security Plus
Transparent Mode
License
Routed Mode
Note
Deployment Scenarios Using VLANs
Cisco ASA 5505 Getting Started Guide
3-4
The ASA 5505 adaptive security appliance supports active and standby failover,
but not Stateful Failover.
The number of VLANs you need depends on the complexity of the network into
which you are installing the adaptive security appliance. Use the scenarios in this
section as a guide to help you determine how many VLANs you need and how
many ports to allocate to each.
This section includes the following topics:
Basic Deployment Using Two VLANs, page 3-5
•
DMZ Deployment, page 3-7
•
Teleworker Deployment Using Three VLANs, page 3-8
•
Chapter 3 Planning for a VLAN Configuration
Connections
Up to two active VLANs.
Up to three active VLANs. The DMZ VLAN is
restricted from initiating traffic to the inside
VLAN.
Up to three active VLANs, one of which must be
used for failover.
Up to 20 active VLANs. For example, you can
allocate each physical port to a separate VLAN,
such as Outside, DMZ 1, DMZ 2, Engineering,
Sales, Customer Service, Finance, and HR.
Because there are only 8 physical ports, the
additional VLANs are useful for assigning to
trunk ports, which aggregate multiple VLANs on
a single physical port.
78-17612-02