Showing results for 
Search instead for 
Did you mean: 

Adding interface voice vlan to ASA

Level 1
Level 1

Hi guys,

I am running an ASA 5505, V8.2.5 with security plus license.

I have added an additional vlan (Vlan100) to the asa and need it be identical in nature to vlan 1. For someone reason for PC's that are connected to vlan 1, I can't ping the gateway on vlan 100.  PC's that are on vlan 1, can ping interface vlan gateway and other PC's on vlan 1.

Can you someone take a look at my config and tell me what I need to add for the following to occur:

- vlan100 to get natted just like vlan 1 out to the internet.

-ping from vlan1 to vlan100, vice versa

- allow access from outside to access servers test 4 and test 5, http and www.

I bolded what I added.


ASA Version 8.2(5)
hostname ASA

name barr
name ewa
name test1
name test6
name test2
name test3
name test4
name test5
interface Ethernet0/0
 switchport access vlan 2
 speed 100
 duplex full
interface Ethernet0/1

description trunk to hp switch
 switchport trunk allowed vlan 1,100
 switchport mode trunk
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
 nameif inside
 security-level 100
 ip address
interface Vlan2
 nameif outside
 security-level 0
 ip address **Outside IP**
interface Vlan3
 nameif dmz
 security-level 50
 no ip address
interface Vlan100
 nameif voice-network
 security-level 100
 ip address
boot system disk0:/asa825-k8.bin
ftp mode passive
clock timezone CST -6
clock summer-time CDT recurring
dns server-group DefaultDNS
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group protocol TCPUDP
 protocol-object udp
 protocol-object tcp
object-group service DM_INLINE_TCP_1 tcp
 port-object eq www
 port-object eq https
object-group service DM_INLINE_TCP_2 tcp
 port-object eq imap4
 port-object eq pop3
 port-object eq smtp
access-list inside_nat0_outbound extended permit ip any
access-list vpn_splitTunnelAcl_2 standard permit
access-list outside_access_in extended permit tcp any any object-group DM_INLINE_TCP_2
access-list outside_access_in extended permit tcp any any eq ftp
access-list outside_access_in extended permit udp any any eq domain
access-list outside_access_in extended permit tcp any any object-group DM_INLINE_TCP_1
access-list capout extended permit tcp any interface outside eq smtp
access-list capout extended permit tcp interface outside eq smtp any
access-list capin extended permit tcp any host Barracuda eq smtp
access-list inside_access_in extended permit ip any any
pager lines 24
logging enable
logging asdm informational
logging ftp-server / syslog *****
no logging message 106015
no logging message 313001
no logging message 313008
no logging message 106023
no logging message 710003
no logging message 106100
no logging message 302015
no logging message 302014
no logging message 302013
no logging message 302018
no logging message 302017
no logging message 302016
no logging message 302021
no logging message 302020
flow-export destination inside 2055
flow-export template timeout-rate 1
flow-export delay flow-create 15
mtu inside 1500
mtu outside 1500
mtu dmz 1500
mtu voice-network 1500
ip local pool pool1 mask
ip local pool pool2 mask
no failover
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-647.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list inside_nat0_outbound
nat (inside) 1
static (inside,outside) tcp interface domain domain netmask
static (inside,outside) tcp interface smtp barr smtp netmask
static (inside,outside) udp interface domain domain netmask
static (inside,outside) tcp interface ftp test2 ftp netmask
static (inside,outside) tcp interface www test3 www netmask
static (inside,outside) tcp interface https test3 https netmask
static (inside,outside) tcp interface imap4 test3 imap4 netmask
static (inside,outside) tcp interface pop3 test3 pop3 netmask
access-group inside_access_in in interface inside
access-group outside_access_in in interface outside
route outside **Outside Router** 1


0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Review Cisco Networking products for a $25 gift card