physical interfaces on ASA5520

Discussion in 'Cisco' started by essenz, Mar 26, 2009.

  essenz

    essenz Guest

    My ASA5520 has 4 GE NIC, and one FE NIC/MGMT.

    Right now of my four GE NICs, I have outside, inside, dmz, and the
    fourth NIC is being using for failover cable.

    I need to add one more physical network segment, inside2. Can this be
    done on that 5 NIC the FE/MGMT? Or can failover be moved to the FE/
    MGMT NIC freeing up the last GE port?

    I used to do this on PIX 515E's which had 6 interfaces, so failover
    cable, and the statefull link, still left me me with enough NICs to do

    essenz, Mar 26, 2009
  2. There are multiple ways to do that. You can add Cisco ASA 5500 Series
    4-Port GE SSM card and get 4 more GE ports. You can configure management
    interface to carry production traffic (you will need Security Plus
    license, below is URL with description)

    Or you can use VLANs to get additional segments.

    I don't think it's a good idea to move fail-over to FE interface. If I
    remember it correctly, it should be as fast as fastest interface on the box.

    Andrey Tarasov, Mar 26, 2009
