Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
New Member

6509 routing and ASA

Here's my issue:

I have 4 data VLANs in my network and am using a 6509 w/ SUP720 to route for them. I am using an ASA for firewall and that is working just fine. The problem is that I cannot get any of the VLANs to route outside. On the ASA I have created subinterfaces and labeled them with VLAN information and IP addresses. The link between the ASA and the 6509 is a trunk link, there is not a native vlan set. If I just use ONE vlan with a static route on the 6509 to outside: ip route 0.0.0.0 0.0.0.0 10.128.0.2 (ip of subint "inside" on ASA) everything works fine. If I add a route for say vlan 50: ip route 0.0.0.0 0.0.0.0 vlan 50 10.85.120.2 (ip of sub-int "name") then neither vlan will pass traffic outside. As soon as I take that 2nd static route off, then it works fine. On the ASA if I do a sho route - it sees that 10.85.120.0 is a directly connected subnet, etc.

I am setting the workstations IP info manually for vlan 50 and if I use a default gateway of 10.85.120.1 (the SVI on the 6509) it won't work. However, if I use the "name" interface of the ASA as the default gateway for the PC's everything works fine. Am I missing something here??!??!!

2 REPLIES

Re: 6509 routing and ASA

Hi,

if your 6509 is setup as a router interconnecting all VLANs, then one default route in the IP routing table pointing to the ASA IP should do it. You wouldn´t even need a trunk to the ASA.

In case the 6509 works as a layer2 switch extending all VLANS to the ASA then set the respective ASA IP addresses as default gateway in your PCs and you should be fine as well. Then your ASA would be responsible for inter-VLAN routing.

It depends on what you would like to have.

Regards

Martin

New Member

Re: 6509 routing and ASA

OK - I see that. But is there a way to use the 6509 as a router AND seperate out the default gateways?

Thanks!!!

107
Views
0
Helpful
2
Replies
CreatePlease to create content