New Member

6509 routing and ASA

Here's my issue:

I have 4 data VLANs in my network and am using a 6509 w/ SUP720 to route for them. I am using an ASA for firewall and that is working just fine. The problem is that I cannot get any of the VLANs to route outside. On the ASA I have created subinterfaces and labeled them with VLAN information and IP addresses. The link between the ASA and the 6509 is a trunk link, there is not a native vlan set. If I just use ONE vlan with a static route on the 6509 to outside: ip route (ip of subint "inside" on ASA) everything works fine. If I add a route for say vlan 50: ip route vlan 50 (ip of sub-int "name") then neither vlan will pass traffic outside. As soon as I take that 2nd static route off, then it works fine. On the ASA if I do a sho route - it sees that is a directly connected subnet, etc.

I am setting the workstations IP info manually for vlan 50 and if I use a default gateway of (the SVI on the 6509) it won't work. However, if I use the "name" interface of the ASA as the default gateway for the PC's everything works fine. Am I missing something here??!??!!


Re: 6509 routing and ASA


if your 6509 is setup as a router interconnecting all VLANs, then one default route in the IP routing table pointing to the ASA IP should do it. You wouldn´t even need a trunk to the ASA.

In case the 6509 works as a layer2 switch extending all VLANS to the ASA then set the respective ASA IP addresses as default gateway in your PCs and you should be fine as well. Then your ASA would be responsible for inter-VLAN routing.

It depends on what you would like to have.



New Member

Re: 6509 routing and ASA

OK - I see that. But is there a way to use the 6509 as a router AND seperate out the default gateways?


