I have all the internal VLANs connected to a Cisco 4500R. This 4500R has a default gateway pointing to the INSIDE interface of an ASA 5550, which gives everybody access to the Internet.
So far, so good.
The problem is that one particular VLAN which is the MANAGEMENT VLAN resides on the 4500R, but it also has another interface on the ASA. In other words, the MANAGEMENT interface on the ASA connects to the 4500R as well.
The problem is the following:
If I set the default gateway for the devices residing on the MANAGEMENT VLAN to be the 4500R, then the IT VLAN can manage the devices on the MANAGEMENT VLAN, but they don't get Internet access. (This is because the 4500R receives this traffic and sends it to the INSIDE interface of the ASA, but because the ASA has a MANAGEMENT interface with the same subnet, it won't work).
If I set the default gateway for the devices residing on the MANAGEMENT VLAN to be the MANAGEMENT interface of the ASA, then they get Internet access, but the IT VLAN cannot access the MANAGEMENT VLAN. (This is because the ASA receives the MANAGEMENT devices then sends the traffic to the ASA instead of sending it to the IT VLAN).
At least this is what it seems....
Could someone please point me in the right direction about getting this working?
You need to allocate a /30 subnet between the 4500 and the ASA, use that as the Internet gateway, and get the management VLAN by itself, and that behavior will stop. You can't have the mgt. VLAN and the connection to the ASA on the same subnet.
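A sketch of the layout suggested in the reply above, as an added example that is not part of the original thread. All addresses, VLAN numbers and physical interface names are constructed placeholders, and it assumes one reading of the reply: the MANAGEMENT VLAN is routed only by the 4500R and the ASA no longer has an interface addressed in that subnet.

```cisco
! ---- Catalyst 4500R (all addresses and interface names are constructed) ----
! Dedicated /30 transit link toward the ASA INSIDE interface
interface GigabitEthernet1/1
 description Transit to ASA INSIDE
 no switchport
 ip address 10.255.255.1 255.255.255.252
!
! MANAGEMENT VLAN is routed here only; its hosts use 10.10.99.1 as gateway
interface Vlan99
 description MANAGEMENT
 ip address 10.10.99.1 255.255.255.0
!
interface Vlan10
 description IT
 ip address 10.10.10.1 255.255.255.0
!
! Default route for every internal VLAN points at the ASA end of the /30
ip route 0.0.0.0 0.0.0.0 10.255.255.2

! ---- ASA 5550 (all addresses and interface names are constructed) ----
interface GigabitEthernet0/1
 nameif INSIDE
 security-level 100
 ip address 10.255.255.2 255.255.255.252
!
! No ASA interface is addressed in 10.10.99.0/24 any more, so replies to
! MANAGEMENT hosts leave through INSIDE, the same interface the request
! arrived on, instead of a directly connected MANAGEMENT interface.
route INSIDE 10.10.0.0 255.255.0.0 10.255.255.1
```

Existing NAT and access rules on the ASA still have to cover the MANAGEMENT subnet now that it arrives on INSIDE. With this layout the IT VLAN reaches MANAGEMENT hosts through inter-VLAN routing on the 4500R without crossing the firewall.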