ASA 5510 vlan config errors / no icmp replies

timmatthews · ‎10-06-2008

Hi All,

I have been racking my brains and no doubt am further from the answer now than when I started. I have two 5510s in a/s working fine but cannot get a response from ASA to client once the vlan on ethernet0/2(2.2) pinged (from ASA).

Int 0/2 vlan 2.2 ip 10.0.2.5 cannot reach 10.0.2.100 on a laptop client. I am using a Cat CE500 which has switchports and no cmd line at all so am not sure if I have configured incorrectly or not, perhaps it is the switch, but I need the route around and these vlans (1 & 2) need to communicate with eachother. Anyone got suggestions?

System is ASA5510-AIP10w with Sec plus license.

Many thanks in advance, Timm

hadbou · ‎10-10-2008

Check the vlan configuration as any misconfiguration could result in no connectivity between devices in same vlan.

Refer the url below for more information on configuring vlans:

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/intrface.html#wp1044006

timmatthews · ‎10-13-2008

all-thanks for your responses, now you can all have a laugh at the fact that in spite of all Vista's good points! Switching off the firewall/av still leaves a service running which prevented the round trip of the ping I was initiating. Back to basics and all that!

Farrukh Haroon · ‎10-11-2008

Since you are using sub-interfaces on the ASA, you need to make the switch's port connected to the ASA gig 0/2 as a trunk. Then either allow all VLANs on it (defult) or just these specific four vlans.

Regards

Farrukh

Farrukh Haroon · ‎10-11-2008

Since you are using sub-interfaces on the ASA, you need to make the switch's port connected to the ASA gig 0/2 as a trunk. Then either allow all VLANs on it (defult) or just these specific four vlans.

Regards

Farrukh