I am trying to configure a subinterface on my ASA 5520 on the inside interface. I have created the sub Int with vlan 900 and an ip assignment of 192.168.190.254 /24.
It is enabled.
But my core router can't see the interface. So the question is this. If I use sub interfaces on my ASA does it need to be trunked to my core router in order to pass more than one vlan to and from the inside asa port?
So all of my other interfaces are labeled under vlan as "Native" . I am looking at this through the asdm atm.
What I want to do, and this might be more info than you need. I want to have a wireless ap connected to a L2 switch trunked to another L2 switch that is trunked to my L2/L3 core switch / router.
And then from the core switch/router is connected through a VLAN (And physically) to the inside (non VLAN assigned other than default) to the inside physical port on the asa. The traffic on this VLAN 900 (The wireless access from the ap) needs to be pretty private from the ap to the asa and then allowed out to the Internet and back.
I was told when posing this question in the Wireless forum that it should be pretyt easy to do by just assigning a new VLAN (This would be VLAN 900) to the radios and interface on the ap, then not setting up a vlan int for this new vlan on the switches it passes through, but to just set the vlan 900 on each switch to male sure it trunks. By doing this the ip wouldn't get router at the core, but instead pass through to the gateway which would be the asa on the sub interface.
Now this isn't working atm, but I have verified by setting an int vlan 900 ip address on each switch along the way to make sure the traffic is making it from the ap through the trunks to the core. I even having it pick up an ip address from a dhcp server (Windows server) So I know broadcast is working as well to the core. What seems to be the issue is between the core and the asa so I suspect I have something missing or a concept missing on my part.
Any suggestions and or help on this would be appreciated.
Harmon City, Inc.