ESA and Virtual LANs

Virtual local-area networks (VLAN) can be used to connect an ESA to more networks than the physical interfaces and routing limits normally allow. When you create a VLAN interface using the etherconfig command, you can also have a real IP address on the physical port so that it can handle both VLAN and non-VLAN traffic.

For a server role, like ESA, the chief value of VLAN support is segmentation and security. It’s also provided for compatibility with networks that use VLANs.

VLANs are easy to create and must be done in the CLI using the etherconfig command. Example 12-3 shows the process of creating the VLAN.

Example 12-3. Adding a VLAN Using etherconfig

---

esa02.cisco.com> etherconfig


Choose th operation you want to perform:
- MEDIA - View and edit ethernet media settings.
- VLAN - View and configure VLANs.
- LOOPBACK - View and configure Loopback.
- MTU - View and configure MTU.
[]> vlan

VLAN interfaces:

Choose the operation you want to perform:
- NEW - Create a new VLAN.
[]> new

VLAN tag ID for the interface (Ex: "34"):
[]> 2

Enter the name or number of the ethernet interface you wish bind to:
1. Data 1
2. Data 2
[1]> 1

VLAN interfaces:
1. VLAN    2 (Data 1)

Choose the operation you want to perform:
- NEW - Create a new VLAN.
- EDIT - Edit a VLAN.
- DELETE - Delete a VLAN.
[]>