Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1674
Views
0
Helpful
4
Replies

ASA 5505 vlan's routing & access-list

Narsimha Golla
Level 1
Level 1

‎01-05-2012 09:44 AM - edited ‎03-11-2019 03:10 PM

Dear All,

Please suggest the configuration for bellow attached document

Thanks,

Narsimha

Labels:
Preview file
104 KB
0 Helpful
4 Replies 4

ajay chauhan
Level 7
Level 7

‎01-05-2012 09:51 AM

If you have any specific question then people here might guide you but if you are looking for full explanation for each and everything then you much must read the configuration guide of your ASA product frist.

Thanks

Ajay

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni

‎01-05-2012 09:54 AM

Hello,

You have set up the ASA interface as a trunk link.

So now all you need to do is to create an acl on the inside interface like this:

-access-list test deny ip host 192.168.1.5 192.168.20.0 255.255.255.0

-access-list test permit ip any any

acess-group test in interface inside

That should do it.

Regards,

Please rate if post was helpful!

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

rizwanr74
Level 7
Level 7
In response to Julio Carvajal

‎01-05-2012 10:52 AM

You setup is configurable. It is not fair you expect the whole configurations from Cisco Support community users, who are doing it for labor of love. Even if someone gives you a whole confirmation, it does not end there but you need to maintain and change configuration time and time again.

I would recommend you, if you do not want to bother with configuration technical nitty-gritty on ASA5505 firewall, just get a layer3 switch and enable NAT on the firewall and make your life easy for you.

0 Helpful

Julio Carvajal
VIP Alumni
VIP Alumni
In response to rizwanr74

‎01-05-2012 10:58 AM

Hello,

Adding to what rizwanr74 has said ( 100 % true) the configuration is not that hard, you just need to configure the link to the ASA to the switch as a trunk, and that's it, inter-vlan routing will be done. Now you just need to create an ACL to limit that traffic.

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card