I have a Cisco ASA 5510 and need to use it to route between VLANs as i don't have a router for the time being. I have been reading online and it is possible as it is a layer 3 device, although I can't seem to get it working.
I have an inside, outside and a DMZ. The DMZ is in the IP range 220.127.116.11/24 and in vlan 80 and the inside is in the IP range 10.192.3.0/24 and in vlan 10. These are the 2 vlan/ip ranges I need to communicate.
On the switch I am using the config commands:
switchport trunk allowed vlan all
switchport mode trunk
Then ports 1 to 36 are placed on vlan 10 and ports 37 to 47 are on vlan 80; all set for access mode.
On the ASA i am using the config:
Interface Ethernet 0/3
No ip address
Interface Etherenet 0/3.1
Ip address 18.104.22.168 255.255.255.0
Interface Etherenet 0/3.2
Ip address 10.192.3.2 255.255.255.0
I thought the problem may be because I don't have any encapsulation on the trunking ports. The ASA command "vlan 10" apparently encapsulates in dot1q automatically, but i can't seem to find where to do this on the switch: the switch is a catalyst 2960.
Hopefully someone can help me get these 2 lans communicating.
On the 2960 I'm pretty sure that only dot1q is supported. On the switch you can verify if the trunk is working with show interface trunk and it should show fa0/48 as a trunk. I do see an error on the ASA config. The main interface can not have a nameif.
You will also need same-security-traffic permit inter-interface
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :