Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ASA multiple connections (VLANS) to the same Ethernet

Hi,

I have an ASA 5505 (SEC Plus) and I'm trying to configure it so it can be accessed from two subnets running in the same switch. Let's call the subnets:

192.168.1.0/24 and 192.168.2.0/24

I configured a VLAN for 192.168.1.0/24 on one ethernet port and another VLAN for 192.168.2.0/24 on another port. Let's assume that the two VLAN interfaces are configured with the following addresses 192.168.1.1 and 192.168.2.1. Both ASA ports are plugged into the same switch using different ports so that hosts from each respective subnet can get to the ASA. When I login to the ASA, I can ping hosts on both subnets via the respective interfaces but when I try to ping 192.168.2.1 from the hosts in that subnet, I get a single reply and the rest of the pings time out:

Pinging 192.168.2.1 with 32 bytes of data:

Reply from 192.168.2.1: bytes=32 time=1ms TTL=255

Request timed out.

Request timed out.

Request timed out.

Ping statistics for 192.168.2.1:

Packets: Sent = 4, Received = 1, Lost = 3 (75% loss),

Approximate round trip times in milli-seconds:

Minimum = 1ms, Maximum = 1ms, Average = 1ms

What am I doing wrong?

Thank you!

J.

1 REPLY
Bronze

Re: ASA multiple connections (VLANS) to the same Ethernet

you are connecting the two ports on the same switch with no Vlan on the swith?

If so that is the problem, you are connecting ASA's interface 1 and ASA's interface 2 to eachother over layer2

They may be sharing the same MAC also.

You need either connect them to different switches or to different VLANS on the same switch.

138
Views
0
Helpful
1
Replies
CreatePlease to create content