Solved: VLAN fowarding on ASA 8.4(5) IOS Outside interface

AQUALUNGAMERICA · ‎09-20-2019

I have an ISP in Australia that requires VLAN 100 to connect to the Internet. This is pure data. It is Australia's NBN system. They have handed us a .252 Public IP to use on our Firewall with a default route to the upstream router they are using for our hand off.

By default, when you setup an ASA, the outside interface is set to VLAN 2. I have never had to worry about connecting to the router hand off of an ISP.

I have looked for documentation and have been to the formal school's of an ASA but I have never found any documentation that the outside interface of the ASA fowards VLAN traffic to the upstream router.

Can anyone please shed some light on this? The existing firewall is set in routing mode as we use NAT/PAT, site to site VPN tunnel and a VPN client back to the site.

Thank you

Carlos

bhargavdesai · ‎09-21-2019

It is not about upstream or outside or inside interface.
You can configure VLAN, the limitations are tied to the license.
For your reference links are below.
https://www.petenetlive.com/KB/Article/0001085

https://www.petenetlive.com/KB/Article/0000869

This is what i understand from above. You want to configure outside interface that send traffic tagged vlan 100. That you can with above links.

If not please provide more details and diagram for better understanding.

HTH

View solution in original post

bhargavdesai · ‎09-21-2019

It is not about upstream or outside or inside interface.
You can configure VLAN, the limitations are tied to the license.
For your reference links are below.
https://www.petenetlive.com/KB/Article/0001085

https://www.petenetlive.com/KB/Article/0000869

This is what i understand from above. You want to configure outside interface that send traffic tagged vlan 100. That you can with above links.

If not please provide more details and diagram for better understanding.

HTH