asa 5505 transparent firewall issue

Unanswered Question
Feb 6th, 2012

hi i am having uc560 with voice and data vlan and i am having 3560 layer3 switch and my network is working fine the dhcp for voice and data both are running in uc560.

now i  add asa 5505 between uc560 and switch in transparent mode means from uc560 to asa 5505 outside interface and from asa inside interface to switch,

i conigured vlan1 -- inside and vlan 2 as outside in asa  5505

in my uc 560 data is vlan 1 and my voice is vlan 100.

when i connect my network with transparent mode firewall no dhcp amd no phones are working . but if i remove asa and i connect with uc560 to switch everything is fine.

is there anyway to work multiple voice and data vlan in asa 5505 transparent mode.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (0 ratings)
mayrojas Mon, 02/06/2012 - 12:26

Depending on the license on the ASA 5505 you can add one interface to be trunk, but since you are in transparent, only two interfaces are going to be used.

Let me know.

Mike

rizwanr74 Mon, 02/06/2012 - 13:22

Did you issue the command below on global config mode. "firewall transparent"

Please copy your config on the forum.

thanks

Rizwan Rafeek

zeuscyril Mon, 02/06/2012 - 21:18

i am having only base license so i cannt make port as trunk.

is there anyother way to do it.

mayrojas Tue, 02/07/2012 - 06:35

Nope, there is no way to pass multiple vlans through a single port without trunk.

Mike

rizwanr74 Tue, 02/07/2012 - 06:46

"Nope, there is no way to pass multiple vlans through a single port without trunk."

That is is true transparent FW supposedly running on the same vlan.

mayrojas Tue, 02/07/2012 - 06:52

Not necesarily if you want to have segmenation. The Idea of transparent firewall is to have two vlans, with the same IP scheme, that way the firewall will pick up the packets and do the bridge to the other vlan, if everything is on the same Vlan, the Traffic can easily bypass the firewall.

Mike.

zeuscyril Tue, 02/07/2012 - 23:09

hi rojas,

here is my problem,

my internet and voice all connected in the uc 560 so wat i am doing i am connecting firewall outside to uc 560 trunk port and the from inside to my switch.

when i connec to my switch it is giving message inconsistant vlan and it is port is blocked. and my phones are not working.

my data vlan1 is 192.168.123.x

and my voice vlan100 is  10.1.1.x

and the firewall ip 192.168.123.3

Actions

Login or Register to take actions

This Discussion

Posted February 6, 2012 at 11:26 AM
Stats:
Replies:7 Avg. Rating:
Views:537 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard

Rank Username Points
1 7,861
2 6,140
3 3,170
4 1,473
5 1,446