asa 5505 transparent firewall issue

zeuscyril
Level 4

Hi, I have a UC560 with voice and data VLANs and a 3560 Layer 3 switch, and my network is working fine. DHCP for both voice and data is running on the UC560.

Now I have added an ASA 5505 between the UC560 and the switch in transparent mode, meaning from the UC560 to the ASA 5505 outside interface and from the ASA inside interface to the switch.

I configured VLAN 1 as inside and VLAN 2 as outside on the ASA 5505.

On my UC560, data is VLAN 1 and voice is VLAN 100.

When I connect my network through the transparent-mode firewall, there is no DHCP and no phones are working. But if I remove the ASA and connect the UC560 to the switch, everything is fine.

Is there any way to make multiple voice and data VLANs work on the ASA 5505 in transparent mode?

7 Replies

Maykol Rojas
Cisco Employee

Depending on the license on the ASA 5505 you can add one interface to be trunk, but since you are in transparent, only two interfaces are going to be used.

Let me know.

Mike

Did you issue the command below in global config mode? "firewall transparent"

Please copy your config on the forum.

Thanks

Rizwan Rafeek

I have only the base license, so I can't make a port a trunk.

Is there any other way to do it?

Nope, there is no way to pass multiple vlans through a single port without trunk.

Mike

rizwanr74
Level 7

"Nope, there is no way to pass multiple vlans through a single port without trunk."

That is true; a transparent FW is supposedly running on the same VLAN.

Not necessarily, if you want to have segmentation. The idea of a transparent firewall is to have two VLANs with the same IP scheme; that way the firewall will pick up the packets and bridge them to the other VLAN. If everything is on the same VLAN, the traffic can easily bypass the firewall.

Mike.

Hi Rojas,

Here is my problem:

My internet and voice are all connected to the UC560, so what I am doing is connecting the firewall outside to the UC560 trunk port and then from inside to my switch.

When I connect to my switch, it gives an inconsistent VLAN message and the port is blocked, and my phones are not working.

My data VLAN 1 is 192.168.123.x

and my voice VLAN 100 is 10.1.1.x

and the firewall IP is 192.168.123.3
