Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
448
Views
0
Helpful
2
Replies

mgmt interface on the 3750x connected to ASA

Go to solution
talalaec02585
Level 1
Level 1

‎08-26-2021 12:12 AM

Hello everyone! There is a small network, a Cisco ASA 5515-x edge device and two Cisco 3750-x switches. 

 icmp allowed on the ASA. Switch (1/0/48) connected to GigabitEthernet0/1 device ASA. The PC connected to the port 1/0/1 Switch1 is ping successfully from ASA. The management interface (vlan101) on the switch does no ping from ASA. The switch doesn't have any access list.
What could be the problem?

asa config
------------------------ 
 interface GigabitEthernet0/0
nameif outside
security-level 0
ip address x.x.x.x 255.255.255.252
!
interface GigabitEthernet0/1
no nameif
no security-level
no ip address
!
interface GigabitEthernet0/1.99
vlan 99
nameif lan
security-level 100
ip address 10.60.60.1 255.255.254.0
!
interface GigabitEthernet0/1.101
vlan 101
nameif mgmt
security-level 100
ip address 10.255.255.1 255.255.255.0
!
same-security-traffic permit inter-interface


SWITCH1
-----------------------
interface GigabitEthernet1/0/1
switchport access vlan 99
switchport mode access
!
interface GigabitEthernet1/0/48
switchport trunk encapsulation dot1q
switchport trunk native vlan 101
switchport mode trunk
!
interface Vlan1
no ip address
shutdown
!
interface Vlan101
ip address 10.255.255.2 255.255.255.0
!
ip default-gateway 10.255.255.1

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP

‎08-26-2021 05:01 AM

Hello

you have native vlan 101 in the switchport tunk however the sub-interface on the asa .101 isn’t native it’s tagged to vlan 101 so change the native vlan to 1 on the switchport and you should gain connection 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

0 Helpful
2 Replies 2

Go to solution
paul driver
VIP
VIP

‎08-26-2021 05:01 AM

Hello

you have native vlan 101 in the switchport tunk however the sub-interface on the asa .101 isn’t native it’s tagged to vlan 101 so change the native vlan to 1 on the switchport and you should gain connection 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
talalaec02585
Level 1
Level 1
In response to paul driver

‎08-26-2021 06:38 AM

yes it did help. thanks a lot

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card