Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Transparent Firewall Config

My setup is as follows

(        vlan 10                  )     (                 vlan 20                 ) ---  (vlan 30)

172.21.1.30 ---- insideASA<  >outsideASA ---- gw-172.21.1.25 ---- client

The server in vlan 10 is on the same subnet as the gateway on vlan 20. 

I see the traffic is making to the firewall.  Below is a capture on the inside interface

  1: 16:35:23.320402 802.1Q vlan#10 P0 arp who-has 172.21.1.25 tell 172.21.1.30

  2: 16:35:24.320372 802.1Q vlan#751 P0 arp who-has 172.21.1.25 tell 172.21.1.30

  3: 16:35:25.320356 802.1Q vlan#751 P0 arp who-has 172.21.1.25 tell 172.21.1.30

And here is a capture on the outside interface.  .26 and .27 are members of an hsrp group.

1: 16:35:14.138969 802.1Q vlan#1131 P0 172.21.1.26.1985 > 224.0.0.102.1985:  udp 52

2: 16:35:15.164404 802.1Q vlan#1131 P0 172.21.1.27 > 224.0.0.10:  ip-proto-88, length 40

3: 16:35:15.344342 802.1Q vlan#1131 P0 172.21.1.27.1985 > 224.0.0.102.1985:  udp 52

Anyone have any ideas on what I'm doing wrong?

thank you,

Bill

1 REPLY
New Member

Transparent Firewall Config

I found the issue.  I still needed to create a bvi on the ASA and give it an IP address in the same network as my vlans.

367
Views
0
Helpful
1
Replies