ASA5505 - VLANS vs. Ethernet Interfaces

Unanswered Question
Mar 21st, 2007

I am in the process of configuring my ASA5505. I have the Security+ license. I am finding that I have no choice but to use VLANS and then switchport my E0/* interfaces. Is this true or can I somehow get around this setup and assign IPs and Names to E0/* interfaces w/o using VLANs?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
chrismisztur Fri, 03/23/2007 - 20:23

20 really? thru asdm must be.

I have experienced the same thing. VLANS rule!

I guess my understanding of VLANS vs physical int's wasn't up to par but Magnus solved the puzzle

remove the following lines from the config:

nat (DMZ) 1 access-list WEB1

global (outside) 1 webserver_real

And add the following lines:

static (DMZ,outside) webserver_real netmask

access-list ACLIN permit tcp any host webserver_real eq 80

I still don't get why the asa prefers the public IP over the NAT. Wait I get it. Public IP rules.


This Discussion