01-12-2011 09:41 AM - edited 03-06-2019 02:57 PM
i have an ASA5510 and i'm trying to create a DMZ so connected a switch to int e0/2, built a subinterface e0/2.1 and gave it an ip address.
BUT the ASA is not seeing the connected device and i'm pulling my hair out as to WHY!
any thoughts?
Thanks
Solved! Go to Solution.
01-12-2011 12:27 PM
on the ASA , do :-
asa(config)# no global (Web_LAN) 1 interface
for PAT , you need only one global command. with multiple nat ( inside ) , nat ( WLAN1) , nat (Web_Lan1) 1 0.0.0.0 0.0.0.0 commands
Manish
01-12-2011 12:30 PM
Gary,
I already pointed the same solution on the above post earlier.:-)..looks like you missed my post :-)
-----------------------------------------------------------------------------------------------------------------
As I mentioned in the earlier post and as pointed out by Manish, You have to configure the trunk port on the switch connecting to ASA or atleast have that port configured in VLAN7 in order this to work. ASA is expecting 802.1q tagged packet from the switch and its not receving any as there is no configuration done on switch and everything is in default vlan is its supports vlan and dot1q trunking. Its not gonna work unless the trunk is configured between ASA and Switch or everything defaults to vlan 1. Else easier wuld be to configure the ASA port as L3 port withput trunking and connect it to the switch, have all the PC's use ASA as default gateway and you are good to go.
Cheers,
-amit singh
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide