Communication between interfaces of ASA 5510

Dear Support-Team,

I configured an ASA 5510.

It has 5 ports in total.

How do I provide communication between two different interfaces that are configured with the same security level?

How many trunks will the ASA 5510 support with the base license?

How do I configure a trunk on an interface with different VLANs (router on a stick)?

Regards,

Janardhan

Jennifer Halim
Cisco Employee

How do I provide communication between two different interfaces that are configured with the same security level?

-- Enable: same-security-traffic permit inter-interface

How many trunks will the ASA 5510 support with the base license?

-- Supports 50 VLANs:

http://www.cisco.com/en/US/products/ps6120/prod_models_comparison.html#~mid-range

How do I configure a trunk on an interface with different VLANs (router on a stick)?

-- Not too sure what you mean by this. You would need to configure a trunk to a switch, not to a router. And as far as the ASA is concerned, you will just need to configure sub-interfaces for the ASA physical interface to become a trunk port (and not configure name/security level/IP address on the actual trunk physical interface):

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/intrface.html#wp1082576

Hope that helps.

Hi Jennifer Halim

Thanks for your support.

I will try this configuration.

How do I configure my firewall as a DNS server? I.e., in my local systems I will enter my firewall inside IP as the DNS server:

IP: 192.168.1.10

Mask: 255.255.255.0

G.W: 192.168.1.1 (Firewall inside IP)

DNS1: 192.168.1.1 (Firewall inside IP)

Here, how do I configure my ISP DNS server IPs in my firewall?

Regards,

Janardhan

On Mon, Mar 14, 2011 at 3:23 AM, halijenn <

Firewall can not be configured as the DNS server.

If your outside interface of the ASA is DHCP assigned, you can use the DNS from your ISP and pass that to your inside/internal hosts if you have configured the ASA as a DHCP server.

However, if you have not, then you would need to use an internal DNS server, or the DNS server provided by your ISP as ASA does not act as a DNS server.

Dear Jennifer Halim

Thanks for your quick response.

Is it possible to provide communication between two different interfaces that are configured with different security levels?

Regards,

Janardhan

On Mon, Mar 14, 2011 at 3:23 AM, halijenn <

Yes you can. This depends on whether the traffic is initiated from low to high security level, or high to low security level.

There are different configuration options.

From low to high, you are required to have static NAT statement or NAT exemption with ACL as well as ACL to allow traffic through that is applied to the low security level interface.

From high to low, by default it is allowed through automatically, but if you have ACL applied to the high security level interface, then you would need to explicitly allow the traffic.
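The trunk, same-security and low-to-high points from the replies above, put together as an added configuration sketch (not part of the original thread and not Cisco's own sample). It assumes ASA 8.2 syntax to match the linked 8.2 guide; the interface names, VLAN IDs, ACL name and addresses are constructed.

```cisco
! Added example. All names, VLAN IDs and addresses below are constructed.
! Physical port that carries the trunk to the switch:
! no nameif, security level or IP address on it.
interface Ethernet0/1
 no nameif
 no security-level
 no ip address
 no shutdown
!
! One sub-interface per VLAN; each gets its own name, level and address.
interface Ethernet0/1.10
 vlan 10
 nameif users
 security-level 100
 ip address 192.168.10.1 255.255.255.0
!
interface Ethernet0/1.20
 vlan 20
 nameif servers
 security-level 100
 ip address 192.168.20.1 255.255.255.0
!
interface Ethernet0/1.30
 vlan 30
 nameif dmz
 security-level 50
 ip address 192.168.30.1 255.255.255.0
!
! users and servers share level 100: without this command the ASA
! drops traffic between them. With it, traffic flows both ways
! without any ACL, so apply interface ACLs if that is too broad.
same-security-traffic permit inter-interface
!
! Low to high (dmz 50 -> servers 100), as the reply describes:
! identity static for the servers subnet plus an ACL on the
! lower-security interface. Permit only what is needed; anything
! not matched is dropped by the implicit deny at the end of the ACL.
static (servers,dmz) 192.168.20.0 192.168.20.0 netmask 255.255.255.0
access-list dmz_in extended permit tcp 192.168.30.0 255.255.255.0 host 192.168.20.25 eq https
access-group dmz_in in interface dmz
```

`show interface ip brief` and `show access-list dmz_in` (hit counters) are quick ways to confirm the sub-interfaces are up and the ACL entry is being matched.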

Please kindly mark the post as answered, as you have no further questions and you have opened a new post for the same question. Thank you.
