cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
764
Views
0
Helpful
4
Replies
Highlighted
Beginner

Connecting cisco ASA 5505

Dear..

I have been working with ASA 5510,20,40,80 but not with 5505...

this vlan and its interfaces are quite confusing.

Just want to know how it works and its connectivity to Cisco Switch.

1) Do i have to put the interface of the switch in the same vlan as i am creating the interface vlan in firewall ???

for example.

firewall has this configuration

interface  Vlan 3

ip address x.x.x.x


interface eth1

switchport access vlan3

Now the switch port connecting to this Eth1 interface should also be in the same vlan ? i.e vlan3 ?? or it will be in trunk ?

2)  The default configuration shows the eth0 with no access vlan

   and interface eth1 with access vlan 2... does it mean the eth0 is in vlan1 ? (Nativ Vlan ) ???

4 REPLIES 4
Highlighted
N W Beginner
Beginner

Re: Connecting cisco ASA 5505

Hi

Think of the 5505 ethernet ports as switch ports, as that is what they are.same as a router 877/878. I usually use it as an access port.

by default all ports will have vlan 1 unless specified

Highlighted
Beginner

Re: Connecting cisco ASA 5505

In 5505 port e0/0 belongs to outside interface vlan 2

All the remaining ports e1 to e7 belong to inside interface vlan 1. This is the default factory settings with a base licence.

If you have a security licence then you can add the dmz and place it in a different vlan. All ports on the asa act as switchports as in like a switch by default

Highlighted
Beginner

Re: Connecting cisco ASA 5505

Thanks guys.....

Ok tht one is clear..

Now .. What if i want to connect 5505 to Cisco Switch 3750.

should the switch port be Access-Port or Trunk ?

Beginner

Re: Connecting cisco ASA 5505

That will depend on what is connected to the switch. If all the devices connected on the switch belong to the same vlan means you can leave the port on the asa as an access port itself(default) If not you would have to configure it as trunk port to allow different vlans