Stuck with SG500X, vsphere 5.5, ASA 5505 and VLAN config
I'm having two C220M3 here running vSphere 5.5U1 (ESXi lus vCenter 5.5U1). I'm only using the two onboard NICs (CIMC NIC is used only for management, nothing else). So far my plan was to use the first onboard NIC for
- VM Network (Host Management, no VLAN) - INTRANET (VM LAN, no VLAN) - DMZ (VM LAN, VLAN 12 is set in VMware) - DMZ2 (VM LAN, VLAN 22 is set in VMware)
The second onboard NIC is used for iSCSI traffic only (to a Netapp 2040 and other storages). Here there is no tagging by VMware and the storages so I put the ports (where the hosts and storages are connected to) into Access Mode and placed them into VLAN 8 This works - but that's the easy part.
The ASA is using VLAN 12 for DMZ and VLAN 22 for DMZ2 (switchport mode of the ASA ports is Access). Port 3 of the ASA is connected to the SG500x (stack with a SG500, layer 2 mode, 4 queues; necessary VLANs are defined) - but obviously I'm not man enough to configure VLANs on the ports right to get traffic from the VMware to the ASA and out of there.
I was thinking that the first onboard port of the host (VM Network, INTRANET, DMZ, DMZ2) connected to the SG500x needs to be
- in trunk mode having - VLAN 1 as untagged (covering VM Network and INTRANET) and - VLAN12 and VLAN 22 as tagged VLANs (1UP, 12T, 22T in the web UI, switchport trunk allowed vlan add 12,22 in IOS/CLI)
while the port where the ASA is connected to the switch (here just DMZ2 -> VLAN22; DMZ with VLAN12 is an own switchport on the ASA) needs to be - in Access mode having - VLAN22 tagged (22UP; switchport mode access + switchport access vlan 22)
I was unable to get connect to the ASA and over (FW rules are ok to get outside, interface on the ASA is up)
I was also trying other settings for the port where the ASA is connected like
trunk with 1UP and 22T (switchport trunk allowed vlan add 22) trunk with PVID22 (switchport trunk native vlan 22)
Good morning,I am an Engineer from Spain. A free-lance.I am doing a
project and I would want your proposal for the Network .I have attached
a drawing of it.Now, I do not need a commercial bid. Only I want to know
the electronics device that I need and bro...
Do you visit the Cisco Software Download Center for Firmware/Software
Updates?If so, we need your help with an upcoming User Experience Study
as we seek to make improvements.Prefer participants with the following
qualifications:Experience with supporting ...
Use the Small Business Product Chooser to find the networking solution
that best meets your needs. Answer a few easy questions and product
chooser will navigate you through our catalog of routers, switches,
wireless access points, network storage, securit...