Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
481
Views
0
Helpful
4
Replies

ASA 5510 help

raj_bjs77
Level 1
Level 1

‎02-18-2007 09:54 PM - edited ‎03-11-2019 02:35 AM

Let's say I have the following configured on my ASA 5510:

Internet

|

ASA-----DMZ

|

Catalyst 3560

|

LAN

interface ethernet1.99

nameif management

security-level 100

ip address 192.168.1.1 255.255.255.0 standby 192.168.1.14

vlan 1

exit

interface ethernet1/1.100

nameif inside

ip address 192.168.2.1 255.255.255.0 standby 192.168.2.2

vlan 2

exit

As you can see the ASA has my users and servers are connected to vlan 2 and vlan 1 will be used for managing the routers, switches, and firewalls.

My question is the configuration for the firewall correct and what type of configuration would I need to do on the switch? whether i need to make the port on the switch as L3 which is connecting to inside interface of ASA.

Thanks

Labels:
0 Helpful
4 Replies 4

shyamatopsource
Level 1
Level 1

‎02-18-2007 10:17 PM

Hi,

Your config looks good.

Now whether we need a layer 2 switch or layer 3 switch well.... since your ASA has only one vlan to the inside interface..i think it would make do with a layer 2 interface and it would look at the mac addresses of the dest to transfer them accordingly

If someone could shed more light..

Thanks

Shyam

0 Helpful

raj_bjs77
Level 1
Level 1
In response to shyamatopsource

‎02-18-2007 10:23 PM

HI,

My plan is to add more vlan in the inside interface. I have L3 switch with 2 switches for redundancy. How to configure the switch and ASA inside interface for the traffic to flow for all vlans between. Whether i can enable HSRP on the two switches and configure the vlan as hsrp which will connect to inside interface of ASA

pls help

Thanks

0 Helpful

shijasm
Level 1
Level 1

‎02-18-2007 11:24 PM

Isn?t it a good idea to Configure Your L3 Switch your core VLAN and configure your Firewall as normal with DMZ.

0 Helpful

raj_bjs77
Level 1
Level 1
In response to shijasm

‎02-19-2007 01:05 AM

Hi,

I am not clear. can you explain in more details pls..

thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card