I've been tasked with segregating an existing network with VLANs.
The current infrastructure looks like this:
L3 Switch – ASA – Internet – ASA – L3 Switch
I haven’t been able to find a clear answer on how to set up VLANs in this scenario, but what I’ve done on one site is take the existing /24 network and split it on the switch, which works just fine and I can ping it from the remote site. I’ve set the inside network up so that the core switch points to the ASA and the ASA points to the core switch. The port that the core switch connects to the ASA is set to access mode. The ASA does not have sub-interfaces for the VLANs.
It’s at the other site that I’m having an issue and it’s because I’m having to create new subnets for a few VLANs. I don’t know if it’s something to do with an ACL, the VPN tunnel, or if I have to create routes. I’ve tried looking into those, but haven’t been able to make anything work.
So in this case, I have 172.16.1.x that connects to 192.168.1.x over a VPN tunnel. On the 172.16.1.x network, I’m trying to create a VLAN using a 172.16.150.x network and have that communicate to the 192.168.1.x network.