01-08-2014 12:08 AM - edited 03-11-2019 08:26 PM
Hello all!
I have a problem with the ASA 5512-X configuration.
As I understand it does not support VLAN trunks (as ASA 5505). Аnd this is a big problem for me. =(
I have the following scheme (and unfortunately, I can not add L3 switch):
Using subinterfaces I can configure only one port. The remaining ports refuse to be added to the same VLAN.
Please tell me how to configure such topology? Perhaps there is a way to make ASA 5512-X work as ASA 5505 ?
Solved! Go to Solution.
01-08-2014 12:12 AM
Hi,
The ASA5505 is very different compared to the other ASA models. It has a built in switch module so it has some qualities to it that you would expect in a L2/L3 switch.
However the ASA5512-X among with other ASA models has basic router ports that can be divived into different subinterfaces for the Vlans. You wont be able to configure the same Vlan to multiple ASA ports.
You should probably Trunk the switches together where needed and use a single Trunk from a switch to the ASA5512-X
- Jouni
01-08-2014 12:12 AM
Hi,
The ASA5505 is very different compared to the other ASA models. It has a built in switch module so it has some qualities to it that you would expect in a L2/L3 switch.
However the ASA5512-X among with other ASA models has basic router ports that can be divived into different subinterfaces for the Vlans. You wont be able to configure the same Vlan to multiple ASA ports.
You should probably Trunk the switches together where needed and use a single Trunk from a switch to the ASA5512-X
- Jouni
01-08-2014 12:28 AM
Thank you, Jouni!
This is what I expected. =(
By strange coincidence, my customer does not want to change the upper part of the topology.
What do you think if I will use the following scheme:
01-08-2014 12:38 AM
Hi,
Why not just configure a Trunk between the middle switch and the ASA and keep the Trunk links between the switches?
I guess the above setup would essentially work but is not really typical.
Why do they want to use 3 different physical interfaces on the ASA instead of just configuring a Trunk between the ASA and a single switch and dividing the network from there?
- Jouni
01-08-2014 12:44 AM
Jouni, thank you again!
They have second ASA 5512-X for cold standby and do not want to see any other "single point of failure".
This complicates the work, even for all the equipment and purchased SMARTnets.
In the original version I offered them to use one switch as the "core switch"))
OK, now I understand the whole situation.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide