I have been working with various Cisco devices for many years now. Even though I hold a valid CCNP, I didn’t had the chance to work during the past months with Cisco devices as much as I was when I was actively working in the ISP field. Sill, from time to time I take on small consulting Cisco related projects. This post will show how to overcome the frustration on the top line Cisco ASA firewalls not supporting interface ip aliases.

Cisco PIX firewalls have been around for many years and I was aware of the stupid limitation they had about not being able to add ip aliases on their interfaces. Again this was many years ago… Today when I had to configure a small Cisco ASA 5505 device, I didn’t even thought that the fanciest line of Cisco firewalls still has this limitation. You could say that the 5505 is the cheapest models and this is the reason for the limitation. Well, it costs much more than any other similar hardware firewall and honestly every other box I have seen support this (I can’t even call it feature)… I can’t be certain as I don’t have such a device to test out, but from what I can tell, all the ASA product line has the same issue, including the higher level 5550 and 5580.

Read the rest of this entry »