Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Help with Switch Configuration

Hello All,

 

I am new to Cisco Networking and trying to setup a network. Here is how I want to setup.

Internet -> Cisco ASA -> Cisco Switch.

Very basic.  I tried configuring the ASA and Switch but I am stuck and don't know what I am doing wrong.  I can't ping from the switch to the ASA.  So I added the PC to the network so I can test.

Internet -> [Port E0/0] Cisco ASA [Port E0/1] -> [Port G1/0/24] Cisco Switch

                                    Cisco ASA [Port E0/2] -> PC

Now from the PC I can ping the ASA (ip address 10.10.10.73) but when I try to ping 10.10.10.73 from the switch it does not work.

Please see attached files for configurations.

Thanks for your help.

1 ACCEPTED SOLUTION

Accepted Solutions

Hi,Please correct your

Hi,

Please correct your interface Ge1/0/24 configuration on the switch, it is configured in trunk with native vlan 1, and ASA E0/1 belongs to vlan 50, so the switch would send the frames tagged to the ASA and it would not be able to interpret them, you would do one of the two solutions:

interface GigabitEthernet1/0/24
 switchport mode access
 switchport access vlan 50

And remove any remaining trunk configuration on that port.

or

Configure the native vlan on that trunk port as vlan 50 so the switch would send the frames untagged to ASA:

interface GigabitEthernet1/0/24
 switchport trunk native vlan 50

I would advice to use the first solution, which would be more accurate. Also please note that the ASA and the switch vlan 50 interface has different subnet mask, it would not be the cause of the issue you are having, but you should adjust them anyway.

Regards,

Aref

 

3 REPLIES

Hi,Please correct your

Hi,

Please correct your interface Ge1/0/24 configuration on the switch, it is configured in trunk with native vlan 1, and ASA E0/1 belongs to vlan 50, so the switch would send the frames tagged to the ASA and it would not be able to interpret them, you would do one of the two solutions:

interface GigabitEthernet1/0/24
 switchport mode access
 switchport access vlan 50

And remove any remaining trunk configuration on that port.

or

Configure the native vlan on that trunk port as vlan 50 so the switch would send the frames untagged to ASA:

interface GigabitEthernet1/0/24
 switchport trunk native vlan 50

I would advice to use the first solution, which would be more accurate. Also please note that the ASA and the switch vlan 50 interface has different subnet mask, it would not be the cause of the issue you are having, but you should adjust them anyway.

Regards,

Aref

 

New Member

You are awesome.  That works!

You are awesome.  That works!

 

Thank you very much for your help.

 

Regards,

Amit

:) glad to know that. You are

:) glad to know that. You are very welcome Sandman.

Regards,

Aref

141
Views
0
Helpful
3
Replies
CreatePlease login to create content