Configure port connecting to Inside Port on ASA

CiscoBrownBelt
Level 6

I have a 4431 router.

G0/0 has subinterfaces (g0/0.1 ip 10.10.10.0, .2 ip 10.10.20.0, etc.) for routing internal LAN subnets, as this port connects to a switch, and all communicates fine.

G0/1 has no configs or IPs as of now and connects to Inside port g0/1 of 5585X and has IP of 10.10.10.10.

G0/0 already has the subinterfaces/subnets for the internal subnets, so I can't put the same subnet IP on g0/1, which connects to the FW. It is just a normal trunk port and can't ping the IP on the connecting port of the FW, 10.10.10.10.

What is best way to configure the port of the router connecting to the FW?

I need 10.10.X.X to be reachable on all devices as it will be the management subnet.

Even another edge router on the external side of the FW. I am not going to use true OOBM just management subnet/vlans on all devices up to the edge router (if that is possible).

8 Replies

johnd2310
Level 8

Hi,

Connect the firewall Inside interface to the switch in vlan 1 as an access port.

Thanks

John

**Please rate posts you find helpful**

The FW is connecting to a 4431 Router on the internal side.

I can't configure the router port as a switchport.

Hi,

You said the router is connected to a switch. Can you not connect the firewall to the same switch?

Thanks

John

**Please rate posts you find helpful**

It goes from Access switch to router to FW.
No I need connectivity from the router to the FW.
I have 0.0.0.0 statement on router pointing to FW and FW statement pointing to router but ping is ????

Hi,

What address is the 0.0.0.0 statement pointing to? Are you getting ???? when you ping the firewall? Can the firewall ping the router?

A diagram of what you are trying to achieve would help understand your network setup.

Thanks

John

**Please rate posts you find helpful**

OK see attached diagram I drew up real quick for this lab.

It is a basic configuration switch > Internal router > FW > Edge Router.

FW to Edge Router ping is good.

FW to Internal Router is not good.

All links are UP/Up.

Hi,

This will not work because you cannot have the same network on multiple interfaces of the router. Gi0/1 on the router and Gi0/1 on the firewall should be on a different subnet to the Internal network.

You need to choose a different subnet for the link between the Internal router and the firewall.

Thanks

John

**Please rate posts you find helpful**
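
An added example, not part of the thread or any poster's configuration: a Python check of a router interface plan for the two conditions in the reply above (no subnet repeated across router interfaces, and the firewall Inside address sitting on the router's link subnet). The /24 and /30 masks, the router host addresses and the 10.10.254.0/30 transit subnet are assumptions; only the interface names, 10.10.10.0, 10.10.20.0 and 10.10.10.10 come from the thread.

```python
import ipaddress
from itertools import combinations

def find_overlaps(plan):
    """Return (name_a, name_b) pairs whose connected subnets overlap."""
    nets = {n: ipaddress.ip_interface(a).network for n, a in plan.items()}
    return [(a, b) for a, b in combinations(sorted(nets), 2)
            if nets[a].overlaps(nets[b])]

def peer_on_link(local_addr, peer_ip):
    """True when peer_ip is a usable host in the subnet of local_addr."""
    iface = ipaddress.ip_interface(local_addr)
    peer = ipaddress.ip_address(peer_ip)
    return peer != iface.ip and peer in iface.network.hosts()

def check_plan(plan, uplink, fw_inside_ip):
    """Collect the problems that would stop the router reaching the firewall."""
    problems = [f"{a} and {b} have overlapping subnets"
                for a, b in find_overlaps(plan)]
    if not peer_on_link(plan[uplink], fw_inside_ip):
        problems.append(f"{fw_inside_ip} is not on the {uplink} subnet")
    return problems

# Constructed plans. Masks (/24, /30), router host addresses and the
# 10.10.254.0/30 transit subnet are assumptions, not values from the thread.
ORIGINAL = {
    "G0/0.1": "10.10.10.1/24",
    "G0/0.2": "10.10.20.1/24",
    "G0/1": "10.10.10.9/24",      # same subnet as G0/0.1
}
# Dedicated transit subnet on the router-to-firewall link.
CORRECTED = dict(ORIGINAL, **{"G0/1": "10.10.254.1/30"})

if __name__ == "__main__":
    print(check_plan(ORIGINAL, "G0/1", "10.10.10.10"))
    # Firewall Inside interface not yet readdressed onto the transit subnet:
    print(check_plan(CORRECTED, "G0/1", "10.10.10.10"))
    print(check_plan(CORRECTED, "G0/1", "10.10.254.2"))
```
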

Yes sorry I changed that. I thought I could configure a trunk connection to the FW but guess not.
