I have three servers connected to a switch, and from that switch I am connected to a firewall. I want these servers to communicate through this firewall, and I have already configured the firewall. Please guide me if any changes are required.
I am attaching my config.
Can you describe your requirement in more detail, please?
Do you want to put each server in a different VLAN and have them communicate through the firewall?
What do you want?
Also, how many VLANs do you have, and how many physical interfaces does your firewall have?
Let me know your requirement in detail so I can help you.
Thanks for the reply. I have 3 servers connected to a switch, and I want those servers to communicate through the firewall, an ASA 5505.
Please tell me how I can configure the firewall.
What you need to do is:
Create three VLANs on your switch, and don't create any VLAN interface on the switch, to avoid any VLAN routing.
Let's say you created VLANs 10, 20 and 30.
Put each server in a VLAN:
switchport access vlan 10
Do the same for each server.
Also reserve a firewall interface for each VLAN, and make the IP addressing of each server and firewall interface within the same VLAN fall in the same IP addressing range.
Put each switch port that connects to the firewall in the corresponding VLAN on the switch.
Let's say interface fa0/2 will be connected to the firewall, so put it in VLAN 10.
Do the same for each VLAN and server.
SERVER1--vlan10--switch--vlan10--firewall interface 1
server2--vlan20--switch--vlan20--firewall interface 2
and so on.
In this case each server will communicate with the firewall interface that is on the same VLAN.
Let's say server 1's IP address is 10.1.1.5 and, as we said, the server is in VLAN 10.
Now let's say the firewall interface that is connected to the switch interface in VLAN 10 is fa0/1,
so give this firewall interface the IP address 10.1.1.1.
Now the default gateway for server 1 will be 10.1.1.1, which is the firewall interface that resides in the same VLAN.
Do the same for all servers and their VLANs.
The communication between servers will go through the firewall.
Don't forget: if you give each interface a different security level, create the right ACL to allow communication between them.
The config will be only firewall ACLs, applied in the right direction.
Do it, and if anything stops working let me know.
Please rate if helpful.
For more help:
Let's say this is the firewall interface connected to the switch port that is in VLAN 10:
ip address 10.1.1.1
Server IP address 10.1.1.5, default gateway 10.1.1.1.
Let's say server one in VLAN 20 has IP address 188.8.131.52
and its default gateway is the IP address of the firewall interface that connects to the switch port in VLAN 20,
let's say 184.108.40.206.
So if you want server1 to communicate with server2:
access-list 100 permit ip host 10.1.1.5 host 220.127.116.11
access-group 100 in interface inside1
and so on ...
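The design described in the replies above, consolidated for VLANs 10 and 20 as an added example that is not part of the original thread. Assumptions: the switch runs Cisco IOS, all port numbers are constructed, the VLAN 20 addresses (10.1.2.1 for the firewall, 10.1.2.5 for the server), the name `inside2`, ACL 101 and the equal security levels are constructed for illustration; only 10.1.1.1, 10.1.1.5, `inside1` and ACL 100 come from the thread.

```cisco
! ----- Switch (Cisco IOS syntax; port numbers are constructed) -----
vlan 10
vlan 20
! Server ports: one access VLAN per server
interface FastEthernet0/11
 switchport mode access
 switchport access vlan 10
interface FastEthernet0/12
 switchport mode access
 switchport access vlan 20
! Ports cabled to the firewall: one per VLAN
interface FastEthernet0/2
 switchport mode access
 switchport access vlan 10
interface FastEthernet0/3
 switchport mode access
 switchport access vlan 20
! No "interface Vlan10" / "interface Vlan20" with an IP address here,
! so the switch itself cannot route between the VLANs.

! ----- ASA 5505 (its physical ports are Ethernet0/x switch ports) -----
interface Ethernet0/1
 switchport access vlan 10
 no shutdown
interface Ethernet0/2
 switchport access vlan 20
 no shutdown
interface Vlan10
 nameif inside1
 security-level 100
 ip address 10.1.1.1 255.255.255.0
interface Vlan20
 nameif inside2
 security-level 100
 ip address 10.1.2.1 255.255.255.0
! Both interfaces share security level 100 (assumption), which the ASA
! blocks between interfaces unless this is set:
same-security-traffic permit inter-interface
! Server1 (10.1.1.5, gateway 10.1.1.1) -> server2 (10.1.2.5, gateway 10.1.2.1)
access-list 100 extended permit ip host 10.1.1.5 host 10.1.2.5
access-group 100 in interface inside1
! Connections opened by server2 need their own rule on inside2
access-list 101 extended permit ip host 10.1.2.5 host 10.1.1.5
access-group 101 in interface inside2
```

Anything these lists do not match is dropped by the implicit deny at the end of each ACL, so each permitted flow needs its own line. On an ASA 5505 with the Base license the third VLAN can only be a restricted one (`no forward interface vlan`), so filtering VLAN 30 the same way needs the Security Plus license.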
Thanks for your great, on-time support; I am very grateful to you.
I tried your config and it's working fine.
Thanks to netforums and for the great support from you.