09-06-2013 07:36 AM - edited 03-11-2019 07:34 PM
I have two ASA 5505 (A and B) configured with IPSec site-to-site VPN, both can talk to each other.
I am planning to adding identical VLANs on both of them, is there any concern for using same VLANs?
09-06-2013 07:40 AM
Hi,
There is no problem in having the same Vlan configured on 2 different networks ASA5505 firewalls.
- Jouni
09-06-2013 08:24 AM
Thanks. I am looking for an explaination if you don't mind. It has no issue because the tag is not carry over between the ASAs?
09-06-2013 08:30 AM
Hi,
The network are not connected by L2 and in a typical setup also all the interfaces are typically Access mode ports so no Vlan tagging is used. The Vlan in this case is nothing more than a port ID basically.
Even if the devices were connected to the same L2 network there should be no problem.
A more likely scenario that you might have to worry about with regards to L2L VPN is overlapping networks. Though naturally in your situation you probably manage both devices so no such problem can arise. Naturally keeping in mind possible future connections to 3rd party sites its good to avoid using any typical networks/subnets on your LAN.
- Jouni
09-06-2013 09:01 AM
The interfaces in each ASA are trunked but I do not have dot1q configured -
I will add the vlans tonight. Thanks!!
09-06-2013 09:07 AM
Hi,
I would imagine they use Dot1Q since you have configured them as Trunk. I dont think you can even use ISL (or whatever it was named)
Still, both ends of the network will not have any knowledge of the Vlan used at the other site.
- Jouni
09-06-2013 09:13 AM
Hello,
As a recomendation:
As you are using the same VLANs you might also use the same IP subnets,
Try to use a dedicated IP address space on each site for ease of configuration and troubleshooting.
For more information about Core and Security Networking follow my website at http://laguiadelnetworking.
Any question contact me at jcarvaja@laguiadelnetworking.com
Cheers,
Julio Carvajal Segura
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide