I have just been asked to install a ASA 5510 into our network. I have never used an ASA device so i am looking for the best way to connect it into the network. It will be connected to a 3560 switch. which is part of a vtp domain with 15 vlans. Can i add the ASA over a trunk? I have read that i need security plus license to do this. If this is the case do i need to configure a route on the switch? Any ideas will help.
Is your 3560 switch doing the inter-vlan routing at the moment ?.
If it is do you have a requirement to firewall traffic between these vlans or is the ASA to protect the vlans from the outside.
If it is to protect from the outside the simplest thing to do is have separate vlan for connectivity between the switch and the router and add a route on the ASA for the internal networks pointing to the vlan interface on the 3560 and then on the 3560 add a default route poiinting to the ASA.
if this isn't what you want could you please elaborate on your requirements.
The asa is to protect from the outside and maybe provide vpn access. It will be used as a back up route to the internet incase our group internet connection goes down (our group network is managed by an external company).
This solution is what i was thinking of. Thanks for the advice.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...