Filter
Top Products
45-24
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 45 Managing Firewall Devices
Configuring Firewall Device Interfaces
Media Type When Interface is the chosen Type and you enter a hardware port ID with
slot/port numbers in the Hardware Port field, these options are enabled.
(These options apply to ASA slot/port interfaces only.)
For all ASA 5500 series appliances, except the 5505, ports that are built into
the chassis are assigned to slot 0, while ports on the 4GE SSM are assigned
to slot 1. By default, all connectors used on an ASA are RJ-45 connectors.
However, the ports on the 4GE SSM can include fiber SFP connectors. As
part of the interface configuration for one of these fiber-based connections,
you must change the Media Type setting from the default (RJ45) to the
fiber-connector setting (SFP).
Fiber-based interfaces do not support duplexing and have a fixed speed, so
the Duplex option is disabled, and the Speed options are limited to auto and
nonegotiate.
Select the connector type used by this slot-1 interface:
• RJ45 – The port uses RJ-45 (copper) connectors.
• SFP – The port uses fiber SFP connectors. Required for 10-Gigabit
Ethernet cards.
VLAN ID When Subinterface is the chosen interface Type, or when you are defining a
logical interface on a device operating in transparent mode, on an ASA 5505,
or on a Catalyst 6500 services module (ASA-SM or FWSM), provide a
VLAN ID for this interface.
For PIX/ASA devices running operating system 7.2(2)18 or earlier, valid
VLAN IDs are 1 to 1001; with version 7.2(2)19 or later, valid IDs are 1 to
4090. For Catalyst 6500 services modules, valid IDs are 1 to 4096. The
specified VLAN ID must not be in use on any connected device.
Some VLAN IDs might be reserved on connected switches; see the switch
documentation for more information. In multiple-context mode, you can
only set the VLAN ID in the system configuration.
See Configuring Subinterfaces (PIX/ASA), page 45-7 for more information.
Subinterface ID When Subinterface is the chosen interface Type, or when defining an
interface on a device operating in transparent mode, provide an integer
between 1 and 4294967293 as the Subinterface ID.
For subinterface port identification, this ID is appended to the chosen
Hardware Port. For example, GigabitEthernet0.4 represents the subinterface
assigned an ID of 4, operating on the port GigabitEthernet0.
Note You cannot change the Subinterface ID after you set it.
IP Type PIX 7.0+ and ASA (except the 5505 in transparent mode) only.
The IP Type defines the type of IP addressing used for the interface; choose
Static IP, Use DHCP, or PPPoE (as described in Device Interface: IP Type
(PIX/ASA 7.0+), page 45-36).
Note You can configure DHCP and PPPoE only on the outside interface of
a security appliance.
Table 45-3 General tab: Add/Edit Interface Dialog Box (Continued)
Element Description