Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
342
Views
0
Helpful
2
Replies

multiple vlans on firewall

Go to solution
suthomas1
Level 6
Level 6

‎05-13-2010 08:14 AM - edited ‎03-11-2019 10:45 AM

There needs to be a base design to come up with for a data center where multiple server groups or units will be in place.

Wanted to know if there is any way to use ASA in such a scenario using vlan segmentatation or whatever means.

Objective is to achieve resiliency and security within these multiple groups. If there is any inter-group communication required, it is desired to be done in a very limited manner.

Please give valuable inputs. Achieving optimum device/design is also a thrust here, like what platform would be used as core switching/routing and how to judge that.Links to any such design or scenario will be of great help also

Thanks in advance as usual for all fellow members!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Panos Kampanakis
Cisco Employee
Cisco Employee

‎05-13-2010 09:10 AM

ASA can do vlanning. You can create vlan logical subinterfaces and they can act as regular interfaces and pass traffic between them and everything.

So using a switch to put hosts, servers etc in vlans and have the ASA "firewall" traffic between them.

Depending on your traffic requirements you should chose your ASA model 5510-20 are the low-end models, 5540 is mid-size and 5550s and 5580s are powerful boxes.

As for the switches, there is a great variety of switches you can chose from.

I hope it helps you to get started.

PK

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Collin Clark
VIP Alumni
VIP Alumni

‎05-13-2010 09:00 AM

You can use trunking on the ASA and the ASA will be the default gateway for each subnet. Any inter-vlan communication will have to flow through the ASA and you can restrict/allow as you see fit.

0 Helpful

Go to solution
Panos Kampanakis
Cisco Employee
Cisco Employee

‎05-13-2010 09:10 AM

ASA can do vlanning. You can create vlan logical subinterfaces and they can act as regular interfaces and pass traffic between them and everything.

So using a switch to put hosts, servers etc in vlans and have the ASA "firewall" traffic between them.

Depending on your traffic requirements you should chose your ASA model 5510-20 are the low-end models, 5540 is mid-size and 5550s and 5580s are powerful boxes.

As for the switches, there is a great variety of switches you can chose from.

I hope it helps you to get started.

PK

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card