09-28-2008 08:06 PM - edited 03-11-2019 06:50 AM
Hi,
We have two ASA 5505 installed on both sites. If I make a new V-lan on FW1 like V-Lan 100 and assign the IP range 192.168.10.1/24 and same V-lan I create on other site FW2 like V-lan 100 and not assigned any IP but I want the FW2 clent machine use the gateway 192.168.10.1 and it will directly communicate. Is it possible? Thanks
09-28-2008 09:29 PM
hi ray
as long as the traffic between the Firewalls if L3 then the vlan tag will be removed adn u will not keep the vlan end-to-end
clients on remote site need to use FW2 as gateway regardless witch interface they connect to that interface should be thier gateway to the other FW1
good luck
if helpful Rate
09-29-2008 12:14 AM
FW 1 int e0/3 V-lan 100 192.168.10.1/24
FW 2 int e0/4 V-lan 100
Here we are not using any L3 switch all both int are configured on FW itself. Now please explain which wud be the gateway from client or FW.
Thanks
09-29-2008 12:56 AM
each host will use the inside firewall IP as defualt gateway in each in its site
cllients---FW1-----FW2---clients
clients behind FW1 will use FW1 as defualt gateway to go to FW2 and clients behind FW2 will use FW2 as defualt gateway
if helpful Rate
09-29-2008 01:04 AM
Thanks!! Do i need to make two seperate subnets and allow them by making access list. Thanks
09-29-2008 05:37 AM
Please advice??
09-29-2008 10:11 PM
ok simly make like
192.168.1.0/24--FW1---othersubnet--FW2--192.168.2.0/24...
09-29-2008 11:18 PM
Client Machine (192.168.10.3 GTW 192.168.10.1)---ASA Vlan 100 (Int e 0/2) (192.168.10.1)-----Tunnel-------ASA Vlan 100 (Int e0/2) Same Vlan 100----Clent Machine (192.168.10.4, GTW 192.168.10.1)
The below scenario I want, is it possible through Tunnel. thanks
07-22-2009 07:04 PM
Pls advice!!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: