Same V-Lan communication between sites via Tunnel

Unanswered Question
Sep 28th, 2008


We have two ASA 5505 installed on both sites. If I make a new V-lan on FW1 like V-Lan 100 and assign the IP range and same V-lan I create on other site FW2 like V-lan 100 and not assigned any IP but I want the FW2 clent machine use the gateway and it will directly communicate. Is it possible? Thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Marwan ALshawi Sun, 09/28/2008 - 21:29

hi ray

as long as the traffic between the Firewalls if L3 then the vlan tag will be removed adn u will not keep the vlan end-to-end

clients on remote site need to use FW2 as gateway regardless witch interface they connect to that interface should be thier gateway to the other FW1

good luck

if helpful Rate

ray_stone Mon, 09/29/2008 - 00:14

FW 1 int e0/3 V-lan 100

FW 2 int e0/4 V-lan 100

Here we are not using any L3 switch all both int are configured on FW itself. Now please explain which wud be the gateway from client or FW.


Marwan ALshawi Mon, 09/29/2008 - 00:56

each host will use the inside firewall IP as defualt gateway in each in its site


clients behind FW1 will use FW1 as defualt gateway to go to FW2 and clients behind FW2 will use FW2 as defualt gateway

if helpful Rate

ray_stone Mon, 09/29/2008 - 01:04

Thanks!! Do i need to make two seperate subnets and allow them by making access list. Thanks

ray_stone Mon, 09/29/2008 - 23:18

Client Machine ( GTW Vlan 100 (Int e 0/2) ( Vlan 100 (Int e0/2) Same Vlan 100----Clent Machine (, GTW

The below scenario I want, is it possible through Tunnel. thanks


This Discussion