I've got a pair of 5520s in active/passive failover for a large, flat lan (/16).
I'm in the process of vlanning some of the remote sites. If I use a larger mask (/24) for the vlans, but use the same first two octets, do I need to make changes to the nat statements, etc, on the firewall?
Assuming you mean something along the lines of
nat (inside) 1 172.16.0.0 255.255.0.0
global (outside) 1 interface
or something like that then you create your /24 vlans as
etc. then i can't see a problem with this.