HPE Community
LAN Routing
1753575 Members
6075 Online
108796 Solutions
New Discussion

VLAN Tagging, Cisco ASA subinterface problems

 
Incog
Occasional Visitor

‎03-15-2017 07:29 AM

‎03-15-2017 07:29 AM

VLAN Tagging, Cisco ASA subinterface problems

I am trying to set up a subinterface on my cisco ASA 5515.  The vlan is 18.

Computer -> switch port 47  (Trunk with pvid 18, allow 17) -> several switches connected via 10G (Set to Trunk) -> Switch port 2/13 (Trunk with pvid 18, allow 17) - ASA interface that has a sub interface of 0/4.18

All of the switches inbetween have vlan 18 on them and the 10Gb links do as well.

If I do not create a sub interface and use the physical interface all works perfectly.

Thank you for any info you can provide.

0 Kudos
1 REPLY 1
Incog
Occasional Visitor

‎03-15-2017 08:34 AM

‎03-15-2017 08:34 AM

Re: VLAN Tagging, Cisco ASA subinterface problems

Sometimes you just have to go caveman and pound the keyboard.

"A" computer has to be plugged into a port that is set up as an "Access Port" with the PVID of 17

"B" computer has to be plugged into a port that is set up as an "Access Port" with the PVID of 18

The ASA firewall has to be plugged into a port set up as a "Trunk Port" with PVID = 1 and Allowed VLAN 17&18

The ASA interface has to be blank then through the ASDM right click and choose "ADD".  Specifiy VLANID, Sub interface ID, etc.

Create a NAT for both vlan's and automagically you have two vlans going through one interface of the ASA.

I really can't believe that I did not know this for 5 years.  Of course, my requests for Cisco and HP training have been met with "You're smart, watch some youtube videos."

T

 

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.