cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1365
Views
0
Helpful
3
Replies

Connectivity between ASA 5505 and cisco switch 3750

vinodjad1234
Level 2
Level 2

Hi ,

I have network set-up with cisco ASA 5505 as a layer 3 connectivity for 3 Vlans which are created in cisco switch 3750 ( mentioned switch is configured as a layer 2 )  it is suppose to connect directly to ASA .


If I would have got connectivity to  router for layer 3 , it would have been simple to make subinterface and configure as a trunk but about ASA , I have no idea.

I would like to configure the trunk connection between ASA and cisco switch 3750 ( this switch is configured as a layer 2 functionality only ) .

It would be greatful to get response for mentioned query.

for further details , I have attached 3750 switch configuration. I need configuration on ASA side.

Thanks in advance.

3 Replies 3

cowetacoit
Level 1
Level 1

Check out these two Docs. One is for the ASDM and the other CLI for the ASA. Basically you create the vlans on the ASA then assign them to the interface. As for the switch the config looks fine. You will need to add a 802.1x trunk to your ASA with needed vlans.

http://www.cisco.com/en/US/docs/security/asa/asa83/asdm63/configuration_guide/intrface.html#wp1082576

http://www.cisco.com/en/US/docs/security/asa/asa83/configuration/guide/intrface.html#wp1082576

Hitesh Vinzoda
Level 4
Level 4

Hi

You dont have to configure anything under the physical internface on ASA. See the configuration below for ASA

interface GigabitEthernet0/2.56
vlan 56
nameif corp
security-level 20
ip address 172.21.56.1 255.255.255.0

interface GigabitEthernet0/2.57
vlan 57
nameif sales

security-level 30
ip address 172.21.57.1 255.255.255.0

and so on.

you have configure the port on 3750 to be configured as dot1q trunk. thats it...!! Also when you are using 3750 switch as a layer 2, dont use default route, instead of that you can use ip default-gateway x.x.x.x command to accomplist the same.

HTH

Hitesh Vinzoda

Pls rate useful posts

Nagaraja Thanthry
Cisco Employee
Cisco Employee

Hello,

5505 is a firewall with switch module on it. So, you need to configure it

similar to a switch. Please try the following on the firewall:

interface vlan 1

nameif inside

security-level 100

ip address

Switchport trunk encapsulation dot1q

Switchport mode trunk

exit

Here is a guide on ASA5505 configuration:

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/int55

05.html

Hope this helps.

Regards,

NT

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco