Which ASA interface module do we need?

Unanswered Question
Sep 16th, 2010

/* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; mso-style-qformat:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:11.0pt; font-family:"Calibri","sans-serif"; mso-ascii-font-family:Calibri; mso-ascii-theme-font:minor-latin; mso-fareast-font-family:"Times New Roman"; mso-fareast-theme-font:minor-fareast; mso-hansi-font-family:Calibri; mso-hansi-theme-font:minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-font:minor-bidi;}

Have (2) ASA 5520’s at a site, in HA mode, both connecting the external FE port to the router.  These 2 FE ports need IP addresses on the same network (and hopefully consecutive), so the site network engineer said that we should not use the on-board Ethernet interfaces on the 2800’s for that, but instead should use HWIC ports to create a VLAN with the 2 router FE ports in it.  Of course, we’ll have to route the traffic from that VLAN over to the MLPPP interface.  So the question is – which HWIC do we need in order to do that?  Does the HWIC-4ESW give you that capability or does it have to be the other one with routed interfaces?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Magnus Mortensen Wed, 09/22/2010 - 17:30

Stephen, it looks like that module would work. Essentially those two ports connecting to the ASAs need to be in the same VLAN on the WiC and then the router would have an SVI in that VLAN (int vlan ##). The matching ASA interfaces have to be in the same Layer2 domain. - Magnus

Posted from my mobile device.


This Discussion