The current setup is that we have a WAN router which connects the network to the corporate network via IPMAN (which is router on a stick), with two subinterfaces which connect to a switch stack. Recently we have to add security, so we have to introduce an ASA between the router and the switch. I guess the best way is to do the transparent mode, as we have a lot of servers in the environment and a third party manages them, so to make it simple I guess we can use the ASA 5510 as transparent (less impact and easy).
Now on the router we have (just for example) G0.0 192.168.1.1 and G.01 192.168.2.1.
I am totally confused about how many BVIs we need and what the physical connectivity would be like (do I have to make subinterfaces on the firewall as well?).
How many VLANs do I have to configure, and how many BVIs?
If you have two subnets you need to connect through the ASA, then you must configure subinterfaces on the ASA. This is because you will require 4 VLANs, and the ASA only supports VLANs on its subinterfaces. Of those 4 VLANs, two will go to the 192.168.1.0/24 network (one VLAN for inside, one VLAN for outside) and two VLANs will go to the 192.168.2.0/24 network.
You will also only require two BVIs. Keep in mind that BVIs don't scale very well as the ASA only supports 8 BVIs, meaning you will only be able to pass 8 subnets through the ASA.
Please remember to select a correct answer and rate helpful posts
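The layout described in the answer above (two bridge groups, four VLANs on subinterfaces, two BVIs), written out as an added configuration sketch that is not part of the original thread. The VLAN IDs (10/110, 20/120), the choice of Ethernet0/0 and Ethernet0/1, the interface names and the BVI addresses are assumptions; the outside VLAN IDs must match whatever tags the router subinterfaces already use.

```cisco
! Added example: VLAN IDs, ports, nameif names and BVI addresses are assumptions.
firewall transparent
!
! Physical ports act as trunks and carry only tagged subinterfaces.
! Ethernet0/0 faces the router, Ethernet0/1 faces the switch stack.
interface Ethernet0/0
 no nameif
 no shutdown
!
interface Ethernet0/1
 no nameif
 no shutdown
!
! Bridge group 1: 192.168.1.0/24 (router side VLAN 10, server side VLAN 110)
interface Ethernet0/0.10
 vlan 10
 bridge-group 1
 nameif outside1
 security-level 0
!
interface Ethernet0/1.110
 vlan 110
 bridge-group 1
 nameif inside1
 security-level 100
!
! The BVI address is the ASA's own address in the bridged subnet.
! It is not a gateway: hosts keep 192.168.1.1 on the router as their gateway.
interface BVI1
 ip address 192.168.1.2 255.255.255.0
!
! Bridge group 2: 192.168.2.0/24 (router side VLAN 20, server side VLAN 120)
interface Ethernet0/0.20
 vlan 20
 bridge-group 2
 nameif outside2
 security-level 0
!
interface Ethernet0/1.120
 vlan 120
 bridge-group 2
 nameif inside2
 security-level 100
!
interface BVI2
 ip address 192.168.2.2 255.255.255.0
```

With these security levels, connections initiated from the outside interfaces toward the inside interfaces are dropped until an access list is applied to permit them, so the rule set for traffic arriving from the corporate side needs to be ready before cutover.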