Firewall inside interface with Core

Rizwan
Level 1

Hi, 

I have a Nexus core with multiple VLANs configured on it. A Cisco ASA firewall is connected to the core using a port-channel and trunk.

How can I make all VLAN traffic routable on the firewall? Will I use an IP address on the port-channel interface? How will the firewall handle VLAN tags?

18 Replies

Everything is working on the core; the only problem is connectivity between the firewall and the core.

I have two Nexus core switches and two ASA firewalls configured in failover.

The vPC link is up between the firewall and the core switches. I have assigned the inside IP address on the port-channel interface at the firewall.

!
interface Port-channel2
 nameif inside
 security-level 100
 ip address 192.168.200.1 255.255.255.0 standby 192.168.200.2 

At Nexus:

(config)# ip route 0.0.0.0 0.0.0.0 192.168.200.1

 ping 192.168.200.1
PING 192.168.200.1 (192.168.200.1): 56 data bytes
ping: sendto 192.168.200.1 64 chars, No route to host
Request 0 timed out
ping: sendto 192.168.200.1 64 chars, No route to host

Hi Jon,

Any update on this? Can you help me out?

A sample configuration is attached. I have this working in GNS3.

Can you do a "show int desc" on the Nexus and firewall please?

Remove all public IP addresses before you post :)
