[Webinar] Streamline your web hosting managementRegister Today

x
?
Solved

Cisco ASA Interface Configuration

Posted on 2015-01-28
15
Medium Priority
?
109 Views
Last Modified: 2015-02-16
Hello Experts,

Can someone let me know if its possible to configure interfaces on ASA with same named interface e.g.

interface Ethernet0/1
 description Connection to Inside A1 LAN
nameif inside
 security-level 100
 ip address 192.168.170.1 255.255.255.0

interface Ethernet0/2
 description Connection to Inside B2 LAN
nameif inside
 security-level 100
 ip address 10.25.0.1 255.255.255.0

Will the above work?

Regards
0
Comment
Question by:cpatte7372
  • 8
  • 5
  • 2
15 Comments
 
LVL 21

Expert Comment

by:netcmh
ID: 40575155
Is your end goal to permit traffic between the two interfaces with the same security level? Please read http://3cvguy.com/cisco-asa/

If it's just for aesthetics, I don't think you can name 2 interfaces the same name.
0
 

Author Comment

by:cpatte7372
ID: 40575160
Hi netcmh

Thanks for responding

Is your end goal to permit traffic between the two interfaces with the same security level?

Yes it is.

Is it possible?

Regards
0
 
LVL 21

Accepted Solution

by:
netcmh earned 2000 total points
ID: 40575168
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 

Author Comment

by:cpatte7372
ID: 40575182
Netcmh

I followed the instructions in the link but it didn't work, see below;

tina-asa(config)# same-security-traffic permit inter-interface
tina-asa(config)# int eth 0/2
tina-asa(config-if)# nameif inside
ERROR: Name "inside" has been assigned to interface Ethernet0/1
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40575185
You cannot name both the interfaces the same name. What is your requirement for doing this?
0
 

Author Comment

by:cpatte7372
ID: 40575202
Netcmh,

OK, I'm getting confused here:

ASA-CLI (config) # static (server,storage) 192.168.0.0 255.255.255.0 192.168.0.0 255.255.255.0

ASA-CLI (config) # static (storage,server) 192.168.2.0 255.255.255.0 192.168.2.0 255.255.255.0

Is (server,storage) the nameif for server and storage?
0
 

Author Comment

by:cpatte7372
ID: 40575215
I'm getting the error here:

static (inside,newlan) 192.168.170.0 255.255.255.0 192.168.170.0 255.255.255.0
                                                      ^
0
 

Author Comment

by:cpatte7372
ID: 40575219
You cannot name both the interfaces the same name. What is your requirement for doing this?

I have changed it on the second interface to 'newlan'

But I can't get the static to work, see above
0
 

Author Comment

by:cpatte7372
ID: 40575244
Any thoughts?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40575350
If both interfaces have the same security level (but different names) and you have "same-security-traffic permit inter-interface" enabled then you should be able to move traffic between those interfaces.

Is that not working?
0
 

Author Comment

by:cpatte7372
ID: 40575357
Hi Don,

Apparently, I need the following configuration to make it work:

static (inside,newlan) 192.168.170.0 255.255.255.0 192.168.170.0 255.255.255.0

But it still doesn't work
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40575362
You will also need:

static (newlan, static) 192.168.170.0 255.255.255.0 192.168.170.0 255.255.255.0
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40575518
Sorry, I was away on a meeting. Were you able to get the traffic flowing?
0
 

Author Closing Comment

by:cpatte7372
ID: 40608049
Cheers
0
 
LVL 21

Expert Comment

by:netcmh
ID: 40612074
Thanks for the grade. Good luck.
0

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Occasionally, we encounter connectivity issues that appear to be isolated to cable internet service.  The issues we typically encountered were reset errors within Internet Explorer when accessing web sites or continually dropped or failing VPN conne…
How to fix a SonicWall Gateway Anti-Virus firewall blocking automatic updates to apps like Windows, Adobe, Symantec, etc.
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
How can you see what you are working on when you want to see it while you to save a copy? Add a "Save As" icon to the Quick Access Toolbar, or QAT. That way, when you save a copy of a query, form, report, or other object you are modifying, you…
Suggested Courses

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question