
ASA 5520 topology question

chantiklun
Level 1

Topo.jpg

Default Gateway: 10.1.1.1/24

Router2: 10.1.1.1

ASA5520: 10.1.1.100

     g0/0: outside , connected to DepSW

     g0/1: inside1, connected to SWA

     g0/2: inside2, connected to SWC

PC1: 10.1.1.11

PC2: 10.1.1.12

PC3: 10.1.1.13

1. Blocking unwanted traffic from outside host (say PC3) to inside host (say PC1, PC2)

2. Redundancy for switch SWA and SWB, SWC and SWD.

3. PC1, PC2, PC3 MUST use same subnet 10.1.1.0 /24

Problem

PC1, PC2 and PC3 could ping each other before I connected interface g0/2 on the ASA. After connecting and enabling interface g0/2 on the ASA, none of PC1, PC2 and PC3 can ping each other. It seems there is a loop in the path ASA, SWA, SWB, SWC and SWD.

Do I need to set STP on the ASA interfaces g0/1 and g0/2?

1 Reply

Julio Carvajal
VIP Alumni

I can see that everything is on the same subnet, so you must be using the firewall in transparent mode.

Do I need to set STP on the ASA interfaces g0/1 and g0/2?

No, this is not needed on an ASA.

What do the logs say while you run the ping?

Can you run an asp capture and then try the ping:

capture asp type asp-drop all

Then do the ping.

Provide us the result of:

show cap asp

Do rate all the helpful posts

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC