ASA 5505 base licences

Thaer.Badawi124 · ‎06-05-2017

Hi

I have a ASA 5505 base licences , and l3 Switch (Flat network). but now we need to add more vlans i had done this on the layer 3 switch and the vlans can communicate each other but only the vlan 1 (Default vlan) can access internet ,

my question is dose the ASA base licence support multi vlan to access internet ?

or do i need to buy higher licences .

Thanks

Karsten Iwen · ‎06-05-2017

You can connect multiple internal VLANs through the ASA to the internet. But there are some things to consider:

Do you also have the license for more than 10 inside hosts?
All User-VLANs should be terminated on the L3-Switch. Betwenn the ASA and the L3-Switch you only have a transfer VLAN without hosts. The ASA has routes to the internal networks.

In all cases, the 5505 with the base-license has reached a logical end of life. Think about migrating to an ASA 5506-X or Cisco Meraki MX64/MX65.

Thaer.Badawi124 · ‎06-06-2017

hi

Thanks for your answer

i will explain more

our network its small , now we bought new cisco l3 switch SG300 , i had configured 2 vlans

vlan 1 (default vlan ) 10.6.6.0/24

vlan 20 192.168.1.0 /24

i also configured inter-vlan , and the 2 vlans can communicate

we have windows server 2008 r2 working as DC-DHCP-AD

ASA inside 10.6.6.1

on switch default route 0.0.0.0 0.0.0.0 10.6.61

the DHCP serve all vlans without any problems

but my problem now the vlan 1 can access the internet

vlan 20 don't have access to the internet

from the switch i can ping 10.6.6.1 from 10.6.6.0 subnet

but i cant ping 10.6.6.1 from 192.168.1.0 subnet

my question is how i can make the vlan 20 have internet access?

and why the vlan 20 couldn't ping the ASA ?

is there any thing i missing to configure ?

Thanks