03-18-2021 09:04 AM - edited 03-18-2021 10:33 AM
I have the following issue with my new FTD 1010 running 6.7 coming in to replace an old ASA 5505.
I have the following config on the ASA:
.....
interface Ethernet0/5
switchport trunk allowed vlan 2-3
switchport trunk native vlan 2
switchport mode trunk
!
interface Ethernet0/6
switchport access vlan 2
!
interface Ethernet0/7
switchport access vlan 2
shutdown
!
interface Vlan1
mac-address e48d.8cab.ed68
nameif outside
security-level 0
ip address ******** 255.255.255.0
!
interface Vlan2
nameif inside
security-level 100
ip address 192.168.1.1 255.255.255.0
!
interface Vlan3
nameif wifi2
security-level 50
ip address 192.168.100.1 255.255.255.0
....
On the FTD I have replicated the exact same config, but for the outside, of course, I have a routed interface, as I needed to manage the FTD with FMC.
.....
!
interface Vlan2
nameif vlan2
security-level 0
ip address 192.168.1.1 255.255.255.0
!
interface Vlan3
nameif vlan3
security-level 0
ip address 192.168.100.1 255.255.255.0
!
interface Ethernet1/1
no switchport
nameif outside-garaj
cts manual
propagate sgt preserve-untag
policy static sgt disabled trusted
security-level 0
ip address ********** 255.255.255.0
!
.....
!
interface Ethernet1/4
switchport
switchport access vlan 2
!
interface Ethernet1/5
description test
switchport
switchport trunk allowed vlan 2-3
switchport trunk native vlan 2
switchport mode trunk
Now the funny part comes here. I have an AP with two SSIDs that have VLAN 2 as native for the one and VLAN 3 for the second SSID.
With the ASA it works perfectly fine.
When I try to ping from the Vlan3 network to the FTD 192.168.100.1, there is no ping, nor is anything captured in the pcap.
Same when being on the VLAN 2 SSID and having an IP from that subnet, pinging the GW (FTD) 192.168.1.1: no ping.
Not to mention that there is no ping between both of them.
I had a feeling that it could be an issue with the trunk not being active, so I have included a switch with a trunk port, but even then it does not work.
Any ideas why the trunk on the FTD 1010 in switchport mode would not be working as expected?
07-04-2023 08:29 AM