Dileep Sivadas ... Thu, 01/21/2010 - 01:17

Hello,

3560 SW   Name       SVI IP                     Inside
-------  -----       ------                     ------
                                               e0/1.11  .254                           
vlan 11---(voice)---192.168.11.253-------------------------|------|                     
                                              e0/1.12  .254|      |                     
vlan 12---(users)---192.168.12.253-------------------------|      |OUTSIDE              
                                              e0/1.13  .254| ASA  |---------------------ISP2-----------All Branch offices
vlan 13---(wap)-----192.168.13.253-------------------------|      |e0/0
                                              e0/1.136 .254|      |
vlan 136--(servers)-192.168.136.253------------------------|      |
             |                                             |------|
             |
             |
             |
             |--------ISA------------ISP1(primary)----Internet

I think the same-secuirty-traffic permit inter-interface command will help to solve the issue.

For this you need to change default gateway of ISA server to firewall.

Another way is that distribute this route by DHCP server if one exists

Configuration that you have attached have some issues like ip address overlapping both SVIs on switch and ASA and unable to find  trunk link to asa etc..

Also be clear on the default gateway configured on vlans.

Dileep

Actions

This Discussion