Filter
Top Products
45-22
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 45 Managing Firewall Devices
Configuring Firewall Device Interfaces
Interface On the ASA 5505, the Hardware Port is specified on the Hardware Ports
panel (see Configuring Hardware Ports on an ASA 5505, page 45-39). Also,
this option is not part of Catalyst 6500 services module (ASA-SM and
FWSM) configuration.
For a physical interface, provide the specific hardware port assigned to the
interface: enter a physical port ID, which includes network type, slot and
port number, in the form: type[slot/]port. This is also the name by which
subinterfaces can be associated with the interface.
The network type specified for the physical interface can be either Ethernet
or GigabitEthernet; on the ASA 5580, TenGigabitEthernet is also available.
This field provides automatic pattern matching: if you begin typing with the
letter e, “Ethernet” is inserted into the field. Similarly, typing the letter g
produces “GigabitEthernet.” Therefore, valid values are:
• Ethernet0 to Ethernetn
• GigabitEthernet0 to GigabitEthernetn
• GigabitEthernets/n
• TenGigabitEthernets/n (ASA 5580 only)
where s represents a slot number, and n represents a port number, up to the
maximum number of network ports in the slot or device.
For an ASA 5500 series appliance, enter the type and a slot/port pair; for
example, gigabitethernet0/1. Ports that are built into the chassis are assigned
to slot 0, while ports on the 4-Port Gigabit Ethernet Security Services
Module (4GE SSM) are assigned to slot 1. When you enter a slot/port pair,
the Media Type options are enabled.
The ASA 5500 series appliances also include a management interface type.
The management interface is a Fast Ethernet interface designed for
device-management traffic only, and is specified as management0/0. You
can, however, use this physical interface for through traffic if desired (be
sure the Management Only option is not selected). Thus, in transparent
firewall mode, you can use the management interface in addition to the two
interfaces allowed for through traffic. You can also add subinterfaces to the
management interface to provide management in each security context in
multiple-context mode.
If you are defining a subinterface, you can simply choose the desired
Hardware Port from a list of previously defined ports (you must also supply
a VLAN ID). If you do not see a desired interface ID, be sure that Interface
is defined and enabled.
Table 45-3 General tab: Add/Edit Interface Dialog Box (Continued)
Element Description