Inter vlan transparent mode ASA 5512-X (9.3)

rtavares · ‎07-22-2015

Hello all,

Is possible something like that (below) using a Cisco ASA 5512-X (transparent mode)? I have omitted some configuration details. My mainly doubt is if is possible to repeat the VLAN IDs across multiple interfaces.

Two trunks and n-vlans crossing from the inside trunk to the outside trunk, a firewall between 2 L2 switches.

interface GigabitEthernet0/0.101
vlan 101
nameif nac_prod_in
security-level 0
!
interface GigabitEthernet0/1.101
vlan 101
nameif nac_prod_out
security-level 100

Thanks for helping me

Akshay Rastogi · ‎07-22-2015

Hi,

It is not possible to have same vlan on multiple interfaces or sub-interfaces.

Lets say you are using interface Gig0/1 and Gig0/2. On Gig0/1 you would have configured sub-interfaces with VLANs 2, 3, and 4. Now if you try to configure these same VLANs on Gig0/2 you will get an error saying something like this VLAN is already configured on another interface...I don't remember the exact error.

So to get this working you would need to configure Gig0/2 with sub-interfaces for VLANs...lets say...5, 6, and 7. you would then associate VLANs 2 and 5 with BVI 1, VLANs 3 and 6 with BVI 2, and VLANs 4 and 7 with BVI 3. Each BVI interface would have its own IP address for the subnet that is being bridged across the ASA.

Please let me know if this answers your queries. If this answers your query, I would request you to select the appropriate response as the solution for this thread.

Regards,

Akshay Rastogi

rtavares · ‎07-27-2015

Hi Akshay,

Your explanation clarifies doubts, sure. Thank you for helping me on this subjetc.

Regards,

Ricardo