?
Solved

Cisco ASA Interface Configuration

Posted on 2015-01-28
15
Medium Priority
?
112 Views
Last Modified: 2015-02-16
Hello Experts,

Can someone let me know if its possible to configure interfaces on ASA with same named interface e.g.

interface Ethernet0/1
 description Connection to Inside A1 LAN
nameif inside
 security-level 100
 ip address 192.168.170.1 255.255.255.0

interface Ethernet0/2
 description Connection to Inside B2 LAN
nameif inside
 security-level 100
 ip address 10.25.0.1 255.255.255.0

Will the above work?

Regards
0
Comment
Question by:cpatte7372
  • 8
  • 5
  • 2
15 Comments
 
LVL 21

Expert Comment

by:netcmh
ID: 40575155
Is your end goal to permit traffic between the two interfaces with the same security level? Please read http://3cvguy.com/cisco-asa/

If it's just for aesthetics, I don't think you can name 2 interfaces the same name.
0
 

Author Comment

by:cpatte7372
ID: 40575160
Hi netcmh

Thanks for responding

Is your end goal to permit traffic between the two interfaces with the same security level?

Yes it is.

Is it possible?

Regards
0
 
LVL 21

Accepted Solution

by:
netcmh earned 2000 total points
ID: 40575168
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 

Author Comment

by:cpatte7372
ID: 40575182
Netcmh

I followed the instructions in the link but it didn't work, see below;

tina-asa(config)# same-security-traffic permit inter-interface
tina-asa(config)# int eth 0/2
tina-asa(config-if)# nameif inside
ERROR: Name "inside" has been assigned to interface Ethernet0/1
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40575185
You cannot name both the interfaces the same name. What is your requirement for doing this?
0
 

Author Comment

by:cpatte7372
ID: 40575202
Netcmh,

OK, I'm getting confused here:

ASA-CLI (config) # static (server,storage) 192.168.0.0 255.255.255.0 192.168.0.0 255.255.255.0

ASA-CLI (config) # static (storage,server) 192.168.2.0 255.255.255.0 192.168.2.0 255.255.255.0

Is (server,storage) the nameif for server and storage?
0
 

Author Comment

by:cpatte7372
ID: 40575215
I'm getting the error here:

static (inside,newlan) 192.168.170.0 255.255.255.0 192.168.170.0 255.255.255.0
                                                      ^
0
 

Author Comment

by:cpatte7372
ID: 40575219
You cannot name both the interfaces the same name. What is your requirement for doing this?

I have changed it on the second interface to 'newlan'

But I can't get the static to work, see above
0
 

Author Comment

by:cpatte7372
ID: 40575244
Any thoughts?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40575350
If both interfaces have the same security level (but different names) and you have "same-security-traffic permit inter-interface" enabled then you should be able to move traffic between those interfaces.

Is that not working?
0
 

Author Comment

by:cpatte7372
ID: 40575357
Hi Don,

Apparently, I need the following configuration to make it work:

static (inside,newlan) 192.168.170.0 255.255.255.0 192.168.170.0 255.255.255.0

But it still doesn't work
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40575362
You will also need:

static (newlan, static) 192.168.170.0 255.255.255.0 192.168.170.0 255.255.255.0
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40575518
Sorry, I was away on a meeting. Were you able to get the traffic flowing?
0
 

Author Closing Comment

by:cpatte7372
ID: 40608049
Cheers
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40612074
Thanks for the grade. Good luck.
0

Featured Post

Improved Protection from Phishing Attacks

WatchGuard DNSWatch reduces malware infections by detecting and blocking malicious DNS requests, improving your ability to protect employees from phishing attacks. Learn more about our newest service included in Total Security Suite today!

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

I found an issue or “bug” in the SonicOS platform (the firmware controlling SonicWALL security appliances) that has to do with renaming Default Service Objects, which then causes a portion of the system to become uncontrollable and unstable. BACK…
Imagine you have a shopping list of items you need to get at the grocery store. You have two options: A. Take one trip to the grocery store and get everything you need for the week, or B. Take multiple trips, buying an item at a time, to achieve t…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Watch the video to know the process of migration of Exchange or Office 365 mailboxes in absence of MS Outlook. It is an eminent tool which can easily migrate Public, Archive user mailboxes from one another Exchange server and Office 365. Kernel Migr…

589 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question