Solved: Subinterface configuration on ASA

snowmizer · ‎08-25-2011

I am trying to set up my ASA 5510 inside interface with sub-interfaces because I need to allow for more than one VLAN on the same physical interface. I have the ASA configured for the subinterfaces and pointing to vlan 10. I have the switch port on my core swith where the ASA inside interface plugs into set up as a trunk port with vlan 10. When I try to access my ASA from inside the network I cannot connect. Here's a sample of each config:

ASA

interface Ethernet0/1

speed 100

duplex full

no nameif

no security-level

no ip address

interface Ethernet0/1.1

description Inside

vlan 10

nameif inside

security-level 100

ip address 10.128.1.254 255.255.0.0

Core Switch port

interface GigabitEthernet4/16

switchport trunk encapsulation dot1q

switchport trunk native vlan 10

switchport mode trunk

duplex full

qos trust dscp

auto qos voip trust

tx-queue 3

priority high

shape percent 33

spanning-tree portfast

service-policy output autoqos-voip-policy

If I set up the inside interface without the sub-interface and leave the switchport as an access port I can get to my ASA fine. However I need the VLANs for a current project I'm working on. I've looked at lots of documentation and from what I've read everything looks fine. What am I missing?

Thanks.

IAN WHITMORE · ‎08-25-2011

You've set the native vlan to vlan 10, so the switch actually doesn't tag these packets. Change the native vlan to something else and try again. That could be it.

HTH,

Ian

View solution in original post

IAN WHITMORE · ‎08-25-2011

You've set the native vlan to vlan 10, so the switch actually doesn't tag these packets. Change the native vlan to something else and try again. That could be it.

HTH,

Ian

snowmizer · ‎08-25-2011

IAN,

YOU ARE A GENIUS!!!!!! That was it. Thank you so much.

IAN WHITMORE · ‎08-25-2011

I wish. But very nice of you to say so

Glad it sorted it for you.

Ian