ASA 5510 help

Feb 18th, 2007

Let's say I have the following configured on my ASA 5510:

    Internet
    |
    ASA-----DMZ
    |
    Catalyst 3560
    |
    LAN

    interface ethernet1.99
     nameif management
     security-level 100
     ip address 192.168.1.1 255.255.255.0 standby 192.168.1.14
     vlan 1
     exit
    interface ethernet1/1.100
     nameif inside
     ip address 192.168.2.1 255.255.255.0 standby 192.168.2.2
     vlan 2
     exit

As you can see, my users and servers are connected to VLAN 2, and VLAN 1 will be used for managing the routers, switches, and firewalls.

My question is: is the configuration for the firewall correct, and what type of configuration would I need to do on the switch? Do I need to make the port on the switch that connects to the inside interface of the ASA an L3 port?

Thanks

shyamatopsource Sun, 02/18/2007 - 22:17

Hi,

Your config looks good.

Now, whether we need a layer 2 switch or a layer 3 switch, well... since your ASA has only one VLAN on the inside interface, I think it would make do with a layer 2 interface, and it would look at the MAC addresses of the destination to transfer them accordingly.

If someone could shed more light..

Thanks

Shyam

raj_bjs77 Sun, 02/18/2007 - 22:23

Hi,

My plan is to add more VLANs on the inside interface. I have an L3 switch with 2 switches for redundancy. How do I configure the switch and the ASA inside interface for traffic to flow between all VLANs? Can I enable HSRP on the two switches and configure the VLAN as HSRP, which will connect to the inside interface of the ASA?

Please help.

Thanks

shijasm Sun, 02/18/2007 - 23:24

Isn't it a good idea to configure your L3 switch your core VLAN and configure your firewall as normal with DMZ?

raj_bjs77 Mon, 02/19/2007 - 01:05

Hi,

I am not clear. Can you explain in more detail, please?

Thanks
