PACKET TRACER VPN I am struggling to add vlans to the Firewall

johnmcgrath29 · ‎09-30-2021

I am in the middle of building my lab up the aim is to have a site to site vpn between to firewall that are behind edge routers onsite however I can't seem to get the vlans added i have tried to sub int by doing Gig1/2.10 for example doesn't seem to want to play any advice would be great

as I haven't even tried to configure Phase 1 and Phase 2 yet if I can't get beyond this then my plan might not work I will add the file

johnmcgrath29 · ‎09-30-2021

I was thinking can I route the Vlan the vlan interfaces between the L3 Switch and ASA5506 will that work? as a work around?

Rob Ingram · ‎09-30-2021

Hi @johnmcgrath29

I don't have packet tracer so I cannot see your configuration, but yes you can route the VLANS between the L3 switch and the ASA, this is generally what I do most of the time. The L3 switch will be the gateway for the VLANS and will route any traffic not destined for a connected network via the ASA. The ASA would have static or dynamic routes via its inside interface for the networks (VLANs) connected to the switch.

HTH

johnmcgrath29 · ‎09-30-2021

Thanks Rob,

I am going to give that a go and see how I get on I have added a Screen shot of what I am trying to do the switching and inter vlan routing is all good and so is the DHCP

I know EVE-NG and GNS3 are all the rage but I can't afford one and the other my machine isn't good enough to run sadly so I am working with what I have.

soon as I have built it and it works I am going to delete the file and keep re-building it from scratch maybe add things to it etc like HSRP etc..