I have an ASA5512 feeding two Catalyst 3560's connected via 10Ge Fiber.  Also on the network is a wireless controller for 7 access points.  This is a high density environment.

I think I want to set up a couple of logical networks: a 192.168.1.x for the wired connections for the staff and a secured wireless SSID, and then a 10.0.0.x/16 for the public/open wireless network (to ensure I have enough IPs).

Do I use VLANs for this?  Can the ASA act as DHCP server for both networks?

I will also have 2 WAN connections here.  Is Load Balancing possible?



It becomes easy to manage when you use VLANs to separate the networks. If I am not wrong, the ASA 5512 contains 6 Giga ports and 1 management port only. I think your wireless is connected to the switch, so you will need a VLAN for this network.

The ASA can work as a DHCP server. I am not sure that the Cisco 5512-X supports load balancing, although you can use policy to do that.

I imagine that you will have to split the different networks into different VLANs, and you can naturally take those VLANs all the way to the ASA with trunk interfaces if you want to firewall the traffic between these networks, which I assume you do.

I am not sure how many devices you expect your wireless network to use, but do notice that the ASA is not a very good choice as a DHCP server if you have a large number of users or want to use some DHCP features. There is, for example, a limitation on the ASA that you can only have a single DHCP pool per interface on the ASA, and that DHCP pool can be 256 IP addresses at max.

To my understanding the ASA does not support load balancing. Your options might be to route certain destination networks towards a certain ISP or perhaps use NAT configurations to forward certain internal networks' traffic towards a certain ISP. This is NOT Policy Based Routing but similar, though it's not really suggested/recommended by Cisco.

- Jouni
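
The VLAN-per-network layout discussed in this thread, with the VLANs trunked to the ASA so that it firewalls traffic between them, could look like the sketch below. This is an added example, not configuration posted by anyone in the thread; the VLAN IDs (10, 20), interface numbers, interface names (`staff`, `guest`), gateway addresses and the DHCP range are all assumptions.

```cisco
! Added example. VLAN IDs, ports, names and ranges are assumptions.
!
! --- ASA 5512: physical port used as an 802.1Q trunk ---
interface GigabitEthernet0/1
 no nameif
 no security-level
 no ip address
 no shutdown
!
! Staff wired + secured SSID (assumed VLAN 10)
interface GigabitEthernet0/1.10
 vlan 10
 nameif staff
 security-level 100
 ip address 192.168.1.1 255.255.255.0
!
! Public/open wireless (assumed VLAN 20), /16 as in the question
interface GigabitEthernet0/1.20
 vlan 20
 nameif guest
 security-level 10
 ip address 10.0.0.1 255.255.0.0
!
! guest has the lower security-level, so connections initiated
! from guest toward staff are denied unless an ACL permits them.
!
! ASA as DHCP server for staff only; the range stays within the
! single-pool, 256-address limit mentioned in the thread.
dhcpd address 192.168.1.10-192.168.1.250 staff
dhcpd enable staff
!
! No dhcpd pool is defined for guest: one 256-address pool cannot
! cover the /16, so guest leases need another DHCP server (not shown).
!
! --- Catalyst 3560: VLANs and the port facing the ASA ---
vlan 10
 name STAFF
vlan 20
 name GUEST
!
interface GigabitEthernet0/1
 description Trunk to ASA
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20
```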

