Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA 5505 - Forwarding packets decision from differents vlan

Hi ASA Experts,

With an ASA 5505 Security plus, I wish to perform the following task:

- Consider that my network include (example vlan number):

     - Vlan 1 : Internal vlan / Secured users usage

     - Vlan 2 : Internal vlan / Unsecured users usage

     - Vlan 3 : Internal vlan / Internet URL Proxy

     - Internet : External / Unsecure network

On the ASA, e0/0 is Internet and e0/7 is Inrenal network.

1- If an user from vlan 1 send a packet to Internet, it is forwarding directly to e0/0.

2- If an user from vlan 2 send a packet to Internet, it is forwarding to Vlan 3 to be filtering/blocking by proxy (proxy has a direct "Internet OUT connection").

Thanks a lot for your help.

1 REPLY
Super Bronze

ASA 5505 - Forwarding packets decision from differents vlan

Hi,

The only thing I have used on the ASA directly to perform what you want for Vlan2 users is WCCP with Ironport. Other than WCCP I am not sure what can be done on the ASA.

Some weeks ago there was a similiar question here on the forums where a user wanted to forward all Web traffic to a single host from a certain network. This was possible with a NAT configuration in the new ASA software levels (8.4(x) - 9.x) Though I would imagine its not a recomended solution for such a setup.

I guess typically something like this would be handled at the host level?

- Jouni

132
Views
0
Helpful
1
Replies
CreatePlease login to create content