Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
559
Views
0
Helpful
1
Replies

Transparent Firewall Config

WILLIAM STEGMAN
Level 4
Level 4

‎05-25-2012 10:45 AM - edited ‎03-11-2019 04:11 PM

My setup is as follows

(        vlan 10                  )     (                 vlan 20                 ) ---  (vlan 30)

172.21.1.30 ---- insideASA<  >outsideASA ---- gw-172.21.1.25 ---- client

The server in vlan 10 is on the same subnet as the gateway on vlan 20. 

I see the traffic is making to the firewall.  Below is a capture on the inside interface

  1: 16:35:23.320402 802.1Q vlan#10 P0 arp who-has 172.21.1.25 tell 172.21.1.30

  2: 16:35:24.320372 802.1Q vlan#751 P0 arp who-has 172.21.1.25 tell 172.21.1.30

  3: 16:35:25.320356 802.1Q vlan#751 P0 arp who-has 172.21.1.25 tell 172.21.1.30

And here is a capture on the outside interface.  .26 and .27 are members of an hsrp group.

1: 16:35:14.138969 802.1Q vlan#1131 P0 172.21.1.26.1985 > 224.0.0.102.1985:  udp 52

2: 16:35:15.164404 802.1Q vlan#1131 P0 172.21.1.27 > 224.0.0.10:  ip-proto-88, length 40

3: 16:35:15.344342 802.1Q vlan#1131 P0 172.21.1.27.1985 > 224.0.0.102.1985:  udp 52

Anyone have any ideas on what I'm doing wrong?

thank you,

Bill

Labels:
0 Helpful
1 Reply 1

WILLIAM STEGMAN
Level 4
Level 4

‎05-25-2012 11:57 AM

I found the issue.  I still needed to create a bvi on the ASA and give it an IP address in the same network as my vlans.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card