cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
183
Views
0
Helpful
1
Replies
Highlighted
Beginner

ASA VLAN Across Subs

Good day all,

 

Migrating an ASA5505 to 5506 and am attempting to replicate the below high level setup but the logic of 'You cannot assign the same VLAN to multiple subinterfaces' is causing problems. My ASA5505 is trunked to a switch and trunked to an ESXi server w/ the ESXi active with the switch and standby w/ the ASA5505.

 

ASA5505 -------- Switch

|                                   |

|--------X--------  ESXi

 

Moving to the ASA5506 I'm using subinterfaces w/ VLANs and BVIs. Any ideas on how to successfully replicate the above configuration with the ASA5506 so the ESXi server can be connected to both the ASA5506 and the switch leveraging the same VLANs for redundancy purposes?

 

Many thanks!

1 REPLY 1
Highlighted
Hall of Fame Expert

Hi,

Not sure why but unfortunately Cisco has removed the layer-2 functionality that was available in 5505 series Firewalls. On 5506, the interfaces are all layer-3. So, basically you need to move the switch functionality that was available in the 5500 to a regular small switch. 

HTH

Content for Community-Ad