Solved: MaheshIs this normal network

mahesh18 · ‎07-02-2015

Hi Everyone,

Is this setup ok

ASA1 and ASA2 are on different networks and vlan 2 is for management only on ASA2 and switch.

In order to access the ASA2 and switch via vlan 2 i configured vlan 2 also on ASA1.

ASA1-----vlan2------int1 -------------vlan2-----int1 ------ASA2------int2---trunk int including vlan 2--------vlan2-----switch

Say ASA1 vlan int has IP 192.168.50.1

ASA2-----vlan int1 IP 192.168.50.2

ASA2 trunk interface 2 IP 192.168.50.3

Is this normal network design to have two interfaces on ASA with IP address on same subnet?

Regards

MAhesh

Jon Marshall · ‎07-02-2015

Mahesh

Is this normal network design to have two interfaces on ASA with IP address on same subnet?

This would only work if the ASA was in transparent (L2) mode and then you wouldn't actually assign IPs to the interfaces.

If this is in routed (L3) mode which I suspect it is then you can't do this ie. have the same IP subnet on either side of the ASA.

Jon

Jon Marshall · ‎07-02-2015

Mahesh

Is this normal network design to have two interfaces on ASA with IP address on same subnet?

This would only work if the ASA was in transparent (L2) mode and then you wouldn't actually assign IPs to the interfaces.

If this is in routed (L3) mode which I suspect it is then you can't do this ie. have the same IP subnet on either side of the ASA.

Jon

mahesh18 · ‎07-02-2015

Many thanks Jon.

Firewall Vlan Design question