09-26-2018 10:05 AM - edited 02-21-2020 08:17 AM
Hi,
Newbie question.
I have a 2960x with 3 VLANS (native VLAN is 1), already configured and working, in the sense that a PC on VLAN 1 cannot see a PC on VLAN 2 or 3. That is all I need. I do not need to do inter-VLAN routing. Nor do I want to use ACL's. Please keep the reply simple and on topic, I'm confused enough already.
I want to connect an ASA 5506 to the 2960x port 24 which is set up as a Trunk, to provide Internet access to all 3 VLANs. Again, I do not want to do inter-VLAN routing
What is the configuration for the ASA port? 2960x port 24 Trunk?
Should I keep VLAN 1 as native on the 2960? Or should I switch the native 2960x VLAN to something else? What are the implications of doing this?
Assistance with this configuration would be greatly appreciated. Please keep it simple.
Thanks in advance.
09-26-2018 12:00 PM
I prefer to native vlan as different vlan than vlan 1 if you do not have option then you can use vlan1 as native vlan and change , and other user network vlan with vlan 2, 3 ,4.
below thread give you simple NAT rule for the different VLAN to internet access only.
https://community.cisco.com/t5/firewalls/multiple-vlan-s-dynamic-nat-asa-5520-8-4-5/td-p/2311816
09-26-2018 01:16 PM
09-26-2018 01:50 PM - edited 09-26-2018 02:18 PM
That post was for a non VLAN aware router. This post is for the ASA 5506, which is VLAN aware. So I posted it here.
No such thing as a simple answer in Cisco land, is there? Why'd they even bother with a GUI on the 5506 if you can't do anything with it?
11-03-2018 05:25 PM
if the 2960x is a layer 3 switch, you could use the no switchport cmd to configure an IP on the port - use a /30 subnet with the other IP on the ASA, then use a default route with the next hop of the asa inside interface.
if it's a layer 2 switch, you have to create sub-ints for the vlans on the asa.
azam
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide