02-18-2007 09:54 PM - edited 03-11-2019 02:35 AM
Let's say I have the following configured on my ASA 5510:
Internet
|
ASA-----DMZ
|
Catalyst 3560
|
LAN
interface ethernet1.99
 nameif management
 security-level 100
 ip address 192.168.1.1 255.255.255.0 standby 192.168.1.14
 vlan 1
 exit
interface ethernet1/1.100
 nameif inside
 ip address 192.168.2.1 255.255.255.0 standby 192.168.2.2
 vlan 2
 exit
As you can see, on the ASA my users and servers are connected to VLAN 2, and VLAN 1 will be used for managing the routers, switches, and firewalls.
My question: is the configuration for the firewall correct, and what type of configuration would I need to do on the switch? Do I need to make the switch port that connects to the inside interface of the ASA an L3 port?
Thanks
02-18-2007 10:17 PM
Hi,
Your config looks good.
Now, whether we need a layer 2 switch or a layer 3 switch... well, since your ASA has only one VLAN on the inside interface, I think it would make do with a layer 2 interface, and it would look at the MAC addresses of the destination to transfer them accordingly.
If someone could shed more light..
Thanks
Shyam
02-18-2007 10:23 PM
Hi,
My plan is to add more VLANs on the inside interface. I have an L3 switch, with 2 switches for redundancy. How do I configure the switch and the ASA inside interface so that traffic flows between all VLANs? Can I enable HSRP on the two switches and configure the VLAN that will connect to the inside interface of the ASA as HSRP?
Please help.
Thanks
02-18-2007 11:24 PM
Isn't it a good idea to configure your L3 switch with your core VLAN and configure your firewall as normal with a DMZ?
02-19-2007 01:05 AM
Hi,
I am not clear. Can you explain in more detail, please?
thanks