05-22-2012 04:31 AM - edited 03-07-2019 06:50 AM
I created a new vlan and able to access all my internal networks and able to access till firewall inside interface ,however cant access internet or cant hit my firewall external ip and internet, apparently all the vlans in the prodcution netwrok are able to communicate anywhere with no issues, Intervlan routing is done by our core catalyst switch,
What steps do be done after creating new vlan:
After creating vlan do i need to write static route or any additions of acls or nat on my firewall?
Please let me know if i can make it more clear
Thanks in advance
Solved! Go to Solution.
05-22-2012 05:16 AM
As I think, a new VLAN is terminated on Cat4500.
If your Core switch has default route upstream to ASA, then you need to pay attention to ASA. Here you might need to configure:
- route for your new VLAN towards Core
- NAT
- ACL
- different firewall features (policies etc.)
- IPS may be...
Of course, I'm not sure that you need to configure all of them, because I did not see your ASA config.
05-22-2012 04:41 AM
It is neccessary to see you network topology. Shortly - yes, probably, you need to make many additional things to have Internet access.
05-22-2012 05:08 AM
05-22-2012 05:16 AM
As I think, a new VLAN is terminated on Cat4500.
If your Core switch has default route upstream to ASA, then you need to pay attention to ASA. Here you might need to configure:
- route for your new VLAN towards Core
- NAT
- ACL
- different firewall features (policies etc.)
- IPS may be...
Of course, I'm not sure that you need to configure all of them, because I did not see your ASA config.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide