New Member

Same V-Lan communication between sites via Tunnel

Hi,

We have two ASA 5505s installed, one at each site. If I make a new VLAN on FW1, like VLAN 100, and assign the IP range 192.168.10.1/24, and I create the same VLAN on the other site's FW2, like VLAN 100, without assigning any IP, but I want the FW2 client machine to use the gateway 192.168.10.1 and communicate directly. Is it possible? Thanks

8 REPLIES

Re: Same V-Lan communication between sites via Tunnel

Hi Ray,

As long as the traffic between the firewalls is L3, the VLAN tag will be removed and you will not keep the VLAN end-to-end.

Clients on the remote site need to use FW2 as gateway; regardless of which interface they connect to, that interface should be their gateway to the other FW1.

good luck

if helpful Rate

New Member

Re: Same V-Lan communication between sites via Tunnel

FW 1 int e0/3 V-lan 100 192.168.10.1/24

FW 2 int e0/4 V-lan 100

Here we are not using any L3 switch; both interfaces are configured on the FW itself. Now please explain which would be the gateway, from the client or the FW.

Thanks

Re: Same V-Lan communication between sites via Tunnel

Each host will use the inside firewall IP as its default gateway at its own site.

clients---FW1-----FW2---clients

Clients behind FW1 will use FW1 as default gateway to go to FW2, and clients behind FW2 will use FW2 as default gateway.

if helpful Rate

New Member

Re: Same V-Lan communication between sites via Tunnel

Thanks!! Do I need to make two separate subnets and allow them by making an access list? Thanks

New Member

Re: Same V-Lan communication between sites via Tunnel

Please advise??

Re: Same V-Lan communication between sites via Tunnel

OK, simply make it like

192.168.1.0/24--FW1---othersubnet--FW2--192.168.2.0/24...

New Member

Re: Same V-Lan communication between sites via Tunnel

Client Machine (192.168.10.3 GTW 192.168.10.1)---ASA Vlan 100 (Int e0/2) (192.168.10.1)-----Tunnel-------ASA Vlan 100 (Int e0/2) Same Vlan 100----Client Machine (192.168.10.4, GTW 192.168.10.1)

The below scenario is what I want. Is it possible through the tunnel? Thanks

New Member

Re: Same V-Lan communication between sites via Tunnel

Pls advise!!!
