VLAN Mapping on the ASA
January 30th, 2008 • Related • Filed Under
I get questions from customers and partners alike asking me what ASA VLAN mapping is and how to configure it because they either overheard someone discussing it or read about it somewhere…so I figured I would try and answer both questions here. The ASA VLAN mapping feature allows you to route your VPN traffic to a specific ASA VLAN interface based on the group-policy the remote access user belongs to. The VLAN is configured under ASA group-policy. This is the ASA VLAN configured under the ASA sub-interface, not the switch. Here is a simple VLAN mapping configuration example below that I hope clears it up:
So essentially a user that logins under the group policy ‘CCIE6200′ will now be put into VLAN 1919…
Glad I just found your wordpress blog through Google.
Found just what I was looking for, thanks =)
Btw, wat plugins ...
This is a very good post. Thanks 
Addition: I made a research on that topic and the workaround is to decrease the TKIP rekeying timer to 120 ...
Very useful tips in this post. Thanks. I think I will implemented on my Firefox browser :) 
Hi Joe,
Regarding ASA redundancy & failover i understand that there are two levels:
1.Unit Level
2.Monitored interface level.
regarding monitored interface level, assuming ...
Thank you Rookie4life, I apologize for not posting that frequently lately but I've been busy with both personal and professional ...
Thanks for the video! Audio sounds fine to me. 
Comment by Anna Armarchuk on 1 November 2008:
This option of command is not existson ASA 7.1. What did you mean? Please, give me elucidation of the problem
LabDemo-ASA5505(config)# group-policy ciscovpn attributes
LabDemo-ASA5505(config-group-policy)# vl?
ERROR: % Unrecognized command
Comment by Joe Harris on 3 November 2008:
The ‘vlan’ option defined under the group policy was a 8.0 feature. You will need to upgrade to 8.0+ in order to use that command. Please see the following for additional details:
VLAN Command Reference
Release Notes