Recently we had a team change the inside interface of one of our ASA’s to be a trunked port so we could support multiple VLANs. To do that, we needed to move the “nameif Inside” command and IP address from the physical interface (Eth0/1) to a new subinterface (Eth0/1.4094). In doing so I came across a few gotchas: [more]
Problem 1:
When you remove the nameif command from an interface, all associated configuration is removed from the running-config.
Solution:
There isn’t an easy way to migrate the nameif command from one physical interface to a new one. Once you make the change you have to reenter any configuration that included the interfaces nameif name. The alternative is to create a new startup-configuration with the changes and reboot to that startup file.
Problem 2:
After moving the nameif command to a new sub-interface I couldn’t SSH to the device via that interface.
Solution:
Basically, the SSH daemon needs to be restarted. I was remotely making these changes via SSH so my only option was to reboot the ASA.