Solved

Can I trunk a Cisco PIX/ASA 5505 WITH BASE LICENSE?

Posted on 2011-03-23
5
1,032 Views
Last Modified: 2012-05-11
Hi
Can you please tell me if I can trunk an PIX/ASA 5505 BASE?
or I need to have the security plus bundle?

Please advise.
0
Comment
Question by:chenzovicc
  • 3
  • 2
5 Comments
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35205214
Not quite:
The basic license allows only 3 active VLANs which you can use as Inside, Outside and DMZ. However, there is a restriction here that many people do not know about: The DMZ VLAN can access ONLY the Outside VLAN but can not access the Inside VLAN. The other two VLANs (Inside and Outside) can access all the other VLANs with no problems.

You'll need a security plus license for that (and have to pay :-~ ):
The Security Plus license, removes all limitations and allows up to 20 active VLANs to be configured. Since there are only 8 physical ports, you can create several vlan subinterfaces on each physical port to segment your network into different security zones (e.g Inside, Outside, DMZ1, DMZ2, Sales, Engineering etc).

Source: http://www.networkstraining.com/cisco-asa-5505-vlans-and-licensing/
0
 

Author Comment

by:chenzovicc
ID: 35208328
This is the scenario I need to accomplish and in reality I do not need the 192.168.1.0 and 172.168.1.0
to talk to each other as long as they have access to the outside world. I will create access-list
so users from the outside will have access to the exchange server on each server.
I know of the limitation of the base license what I do not know is if the base license will allow me
to trunk with my cisco switch 2960.

Please advise.
NetDiagram.jpg
0
 
LVL 35

Accepted Solution

by:
Ernie Beek earned 500 total points
ID: 35208383
Sorry, can be very fast with my answer: no trunk ports with the base license :-~

I know, I was trying it my self the other day...........
0
 

Author Closing Comment

by:chenzovicc
ID: 35209891
Thanks
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 35211422
You're welcome. Sorry it wasn't the answer you were hoping for.
Thx for the points :)
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Join & Write a Comment

Suggested Solutions

How to configure Site to Site VPN on a Cisco ASA.     (version: 1.1 - updated August 6, 2009) Index          [Preface]   1.    [Introduction]   2.    [The situation]   3.    [Getting started]   4.    [Interesting traffic]   5.    [NAT0]   6.…
I recently updated from an old PIX platform to the new ASA platform.  While upgrading, I was tremendously confused about how the VPN and AnyConnect licensing works.  It turns out that the ASA has 3 different VPN licensing schemes. "site-to-site" …
This tutorial demonstrates a quick way of adding group price to multiple Magento products.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now