I am working on the exact same configuration as noted here (https://supportforums.cisco.com/message/3514264) that uses subinterfaces on the ASA. I have two interfaces on my stacked 3750s configured as trunk ports (primary ASA on primary 3750 stack member, secondary ASA on secondary 3750 stack member).
My question is: what should the DG be configured as on the 3750? Can I keep the 3750 in L2 or will I have to enable L3 routing? Should the VLAN interfaces be configured?
The port that the ASA is configured with has 3 subinterfaces on VLAN 100, 200, and 300.
The subinterfaces are G0/2.100, G0/2.200, and G0/2.300.
I am in the middle of converting from 3 separate DMZ switches, each attached to its own port on the ASA, which is their default gateway, to one physical port on the ASA broken into 3 subinterfaces, which then connect to stacked 3750s. The stack will then have the 3 separate DMZs in actual separate VLANs.
My goal is to leave the default gateway for each DMZ on the ASA so I don't have to modify other areas of the ASA config.