Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
415
Views
0
Helpful
1
Replies

ASA 5505 - Forwarding packets decision from differents vlan

nicolas.chabalier
Level 1
Level 1

‎11-15-2013 12:51 AM - edited ‎03-11-2019 08:05 PM

Hi ASA Experts,

With an ASA 5505 Security plus, I wish to perform the following task:

- Consider that my network include (example vlan number):

     - Vlan 1 : Internal vlan / Secured users usage

     - Vlan 2 : Internal vlan / Unsecured users usage

     - Vlan 3 : Internal vlan / Internet URL Proxy

     - Internet : External / Unsecure network

On the ASA, e0/0 is Internet and e0/7 is Inrenal network.

1- If an user from vlan 1 send a packet to Internet, it is forwarding directly to e0/0.

2- If an user from vlan 2 send a packet to Internet, it is forwarding to Vlan 3 to be filtering/blocking by proxy (proxy has a direct "Internet OUT connection").

Thanks a lot for your help.

Labels:
0 Helpful
1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

‎11-15-2013 01:11 AM

Hi,

The only thing I have used on the ASA directly to perform what you want for Vlan2 users is WCCP with Ironport. Other than WCCP I am not sure what can be done on the ASA.

Some weeks ago there was a similiar question here on the forums where a user wanted to forward all Web traffic to a single host from a certain network. This was possible with a NAT configuration in the new ASA software levels (8.4(x) - 9.x) Though I would imagine its not a recomended solution for such a setup.

I guess typically something like this would be handled at the host level?

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card