ASA 5520 topology question

Topo.jpg

Default Gateway: 10.1.1.1/24

Router2: 10.1.1.1

ASA5520: 10.1.1.100

     g0/0: outside , connected to DepSW

     g0/1: inside1, connected to SWA

     g0/2: inside2, connected to SWC

PC1: 10.1.1.11

PC2: 10.1.1.12

PC3: 10.1.1.13

1. Blocking unwanted traffic from outside host (say PC3) to inside host (say PC1, PC2)

2. Redundancy for switch SWA and SWB, SWC and SWD.

3. PC1, PC2, PC3 MUST use same subnet 10.1.1.0 /24

Problem

PC1, PC2 and PC3 could ping each other before I connected interface g0/2 on the ASA. After I connected and enabled interface g0/2 on the ASA, none of PC1, PC2 and PC3 can ping each other. It seems there is a loop in the path ASA, SWA, SWB, SWC and SWD.

Do I need to set STP on the ASA interfaces g0/1 and g0/2?

1 REPLY


I can see that everything is on the same subnet, so you must be using a firewall in transparent mode.

Do I need to set STP on the ASA interfaces g0/1 and g0/2?

No, this is not needed on the ASA.

What do the logs say while you run the ping?

Can you run an asp capture and then try the ping?

capture asp type asp-drop all

Then do the ping.

Provide us the result of:

Show cap asp

Do rate all the helpful posts

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
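
One way to read the output of the capture requested in the reply above, as an added example that is not part of the original thread: a Python parser that tallies asp-drop reasons for traffic between two hosts. The capture line layout and the sample lines are assumptions, constructed for illustration; the host addresses are the ones listed in the question.

```python
import re
from collections import Counter

# Constructed sample of `show cap asp` output (not from the thread). The layout
# "<n>: <time> <packet summary> Drop-reason: (<code>) <text>" is an assumption
# based on typical ASA asp-drop captures.
SAMPLE = """\
3 packets captured
   1: 10:15:01.100001 10.1.1.11 > 10.1.1.13: icmp: echo request Drop-reason: (acl-drop) Flow is denied by configured rule
   2: 10:15:02.100420 10.1.1.11 > 10.1.1.13: icmp: echo request Drop-reason: (acl-drop) Flow is denied by configured rule
   3: 10:15:02.734110 arp who-has 10.1.1.1 tell 10.1.1.12 Drop-reason: (l2_acl) FP L2 rule drop
3 packets shown
"""

# One numbered capture line: time, packet summary, drop code, drop text.
LINE = re.compile(
    r"^\s*\d+:\s+(?P<time>\S+)\s+(?P<pkt>.*?)\s+"
    r"Drop-reason:\s+\((?P<code>[^)]+)\)\s*(?P<text>.*)$"
)
# "src[.port] > dst[.port]:" inside the packet summary (IPv4 only).
FLOW = re.compile(
    r"(?P<src>\d+\.\d+\.\d+\.\d+)(?:\.\d+)? > (?P<dst>\d+\.\d+\.\d+\.\d+)(?:\.\d+)?:"
)


def parse_drops(text):
    """Yield (src, dst, code, reason) per dropped packet; src/dst are None for non-IP lines."""
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # header/footer lines such as "3 packets captured"
        f = FLOW.search(m["pkt"])
        src, dst = (f["src"], f["dst"]) if f else (None, None)
        yield src, dst, m["code"], m["text"]


def drops_between(text, host_a, host_b):
    """Count drop-reason codes for packets between two hosts, in either direction."""
    pair = {host_a, host_b}
    return Counter(code for src, dst, code, _ in parse_drops(text) if {src, dst} == pair)


if __name__ == "__main__":
    for src, dst, code, reason in parse_drops(SAMPLE):
        print(f"{src or '-':>12} -> {dst or '-':<12} {code:<10} {reason}")
    print(drops_between(SAMPLE, "10.1.1.11", "10.1.1.13"))  # PC1 <-> PC3
```
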