Cisco Community
English
Register
The War in Ukraine - Supporting customers, partners and communities. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

839
Views
0
Helpful
4
Replies
vgiyenko
Beginner
Beginner
‎01-29-2014 02:26 PM
‎01-29-2014 02:26 PM

ASA 5505 to allow internet from external vlans

Hello all.

I am facing the following issue: I have a layer 3 switch (3560) with multiple VLANs. The ASA (8.3) allowes internet access to only one VLAN at a time. I attempt to configure the ASA 5505 to allow all these VLANs access to the internet.

Any help is welcome.

Labels:
0 Helpful
2 ACCEPTED SOLUTIONS

Accepted Solutions
vishaw jasrotia
Beginner
Beginner
‎01-29-2014 08:34 PM
‎01-29-2014 08:34 PM

Hello .

Yes you can do the same . For that you have to do the NAT for these VLAN's.

Rest depends upon your connectivity , distribution ou your subnets , Interface created on ASA.

Thanks

View solution in original post

0 Helpful
Julio Carvajal
Advisor
Advisor
‎01-29-2014 10:16 PM
‎01-29-2014 10:16 PM

Hello,

As vishad said this is supported.

You could do this if the ASA connects have multiple interfaces connecting to the Vlans.

nat (any,outside) after-auto source dynamic any interface and that will do it

If the ASA only connects to the inside for the entire vlans (using routing) do

nat (inside,outside) after-auto source dynamic any interface

route inside x.x.x.x .x.x.x.x IP_Address_L3_Switch  (For all of the vlans)

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
4 REPLIES 4
vishaw jasrotia
Beginner
Beginner
‎01-29-2014 08:34 PM
‎01-29-2014 08:34 PM

Hello .

Yes you can do the same . For that you have to do the NAT for these VLAN's.

Rest depends upon your connectivity , distribution ou your subnets , Interface created on ASA.

Thanks

0 Helpful
Julio Carvajal
Advisor
Advisor
‎01-29-2014 10:16 PM
‎01-29-2014 10:16 PM

Hello,

As vishad said this is supported.

You could do this if the ASA connects have multiple interfaces connecting to the Vlans.

nat (any,outside) after-auto source dynamic any interface and that will do it

If the ASA only connects to the inside for the entire vlans (using routing) do

nat (inside,outside) after-auto source dynamic any interface

route inside x.x.x.x .x.x.x.x IP_Address_L3_Switch  (For all of the vlans)

Looking for some Networking Assistance? 
Contact me directly at jcarvaja@laguiadelnetworking.com

I will fix your problem ASAP.

Cheers,

Julio Carvajal Segura
http://laguiadelnetworking.com

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful
vgiyenko
Beginner
Beginner
‎01-30-2014 08:29 AM
‎01-30-2014 08:29 AM

Thank you all for the suggesions. I will give it a try. Will let you know of the outcome.

0 Helpful
vgiyenko
Beginner
Beginner
‎01-31-2014 12:18 PM
‎01-31-2014 12:18 PM

Than you guys. This worked for me.

0 Helpful
Latest Contents
Cisco ISE Integration With F5 BIG-IP LTM Load Balancer for G...
Created by Meddane on 05-15-2022 02:24 AM
0
0
0
0
I shared with you this detailed document I created with 27 pages about Cisco ISE Integration With F5 BIG-IP Locar Traffic Manager LTM Load Balancer for Guest Acces.   The method used for Guest Access is the Self-Registration. Healt Monitor using HTTP... view more
Cisco ASA 9.714 version SNMP not working in EVE-NG LAB Envir...
Created by waqas.muhammad49 on 05-10-2022 06:56 AM
0
0
0
0
I created an IPSEC Site to site Tunnel between two ASA Firewalls in EVE-NG topology and i want to plot the IPSEC Site to Site VPN graph on PRTG ? The SNMP Walk command is not getting any output . As the firewall is making SNMP inbound connections with the... view more
ISE Integration with Eduroam External Server
Created by deepuvarghese1 on 05-09-2022 08:31 PM
3
20
3
20
The purpose of this document is to demonstrate how ISE can integrate with an eduroam external server which is a WI-Fi roaming service that provides international access to devices in education, research, and higher education. Students, teachers, and resea... view more
SSL Decryption with Decrypt-Resign On Cisco FTD In-depth lec...
Created by Meddane on 05-05-2022 04:44 AM
0
0
0
0
On Cisco Firepower Threat Defense there are two ways to do SSL Decryption (two actions in the SSL Policy).Decrypt-Resign: for outbound connection (from an inside PC to an external server).Decrypt-Known-Key: for inbound connection (from an external PC to y... view more
Stop ransomware and zero-day threats with Cisco Secure Endpo...
Created by Sohaib Ahmed on 04-26-2022 05:24 PM
0
5
0
5
Cisco Secure Endpoint offers several protection engines which fight against threats like ransomware and zero-day. Are you an admin looking for protection on a short to mid-term basis or beginning to roll out protection across your organisation? The best p... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad