Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
739
Views
0
Helpful
3
Replies

Filter traffic between Vlans.

Andre Luiz Souza Santos
Level 1
Level 1

‎04-10-2013 12:48 PM - edited ‎03-07-2019 12:44 PM

Hi,

I have a ASA 5585 and a Nexus 5596, and i need a sugestion to configure this cenário:

My users in the Vlan 10 need access on the network in the Vlan 20, but this traffic must be filtered for firewall. In the firewall a received a trunk port for Nexus 5596, and i created subinterfaces to receive the Vlans for this trunk.

The gateway for my users is the address for the ASA subinterfaces.

What i do to filter the traffic between the Vlans?

Regards

André Luiz

Labels:
0 Helpful
3 Replies 3

blau grana
Level 7
Level 7

‎04-15-2013 01:41 AM

Hello Andre,

You can use ACLs to filter traffic on ASA's subinterfaces or you can use Vlan ACLs to filter traffic on nexus.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
0 Helpful

Andre Luiz Souza Santos
Level 1
Level 1
In response to blau grana

‎04-15-2013 08:48 AM

Hí,

Thank you for reply.

I´m a new user for ASA, and i have various doubts about this implementation. Do you suggest a literature for help me?

My ideia is use a IPS to filter traffic on ASA subinterfaces then route and then send to switch.

Regards

0 Helpful

blau grana
Level 7
Level 7
In response to Andre Luiz Souza Santos

‎04-15-2013 10:05 AM

Hello Andre,

I am also not very familiar with ASA. I understood from your first post that you want to filter traffic between VLANs based on IP addresses. This can be accomplished by creating ACLs on ASA's subinterfaces, no need for IPS.

If you want to deeper your knowledge in security area I would recommend to start here:

https://learningnetwork.cisco.com/community/certifications/security_ccna

http://www.ciscopress.com/markets/detail.asp?st=98139

https://learningnetwork.cisco.com/community/certifications/ccnpsecurity/

http://www.ciscopress.com/markets/detail.asp?st=44730

And definitely here:

https://supportforums.cisco.com/community/netpro/security

There you can find guys who are in this field for many years and have lot of knowledge, experinece and certainly would be glad to help you navigate to right direction.

Best Regards

Please rate all helpful posts and close solved questions

Best Regards Please rate all helpful posts and close solved questions
0 Helpful
Customers Also Viewed These Support Documents