Design for ASA and Cat4510e integration for VLANs

Unanswered Question
Jan 12th, 2009

I currently have a Catalyst 4510e doing intervlan routing between multiple Vlans. I want to install an ASA 5540 into the mix which will have a DMZ and another firewalled PCI segment, that is protected by the ASA. Is there a Cisco article that describes designing maybe a dot1q trunk between the ASA and the 4500 so that I can keep using the 4500 as my core router but use the ASA for routing DMZ and PCI VLAN traffic? What I am looking to do is somehow continue managing vlans via the 4500 but having some of those vlans firewalled and routed by the ASA's. Hope this makes sense.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Mon, 01/12/2009 - 12:08

In your 4506's you would create new firewall VLAN's, but not configure any SVI's (layer 3 interfaces). The default gateway will be the ASA.

Hope that helps.

Check Jon's post for the interface config.

Actions

This Discussion