troubleshooting Question

VLANs on ASA 5520

Avatar of netmgrdf
netmgrdfFlag for United States of America asked on
Hardware FirewallsCisco
3 Comments1 Solution1115 ViewsLast Modified:
Is it possible to set up VLANs on the external interface of a Cisco ASA 5520?  I have a customer who has a requirement to have external connections in two different subnets.  My thought was to remove the IP config from the current (non VLAN'd) external interface and create VLANs that I can use for the 2 subnets.

It seems simple enough, change the config so that the IP is removed from the primary interface, create the VLAN, add the IP config to the VLAN, change the appropriate ACLs and NATs and your done.   This doesn't work.  I thought it might be the XLATE table so tried "clear XLATE" after making the config changes last night and still didn't work.

I have received several different answers from Cisco TAC ranging from "It can't be done" to "It can be done but is difficult".  Their latest response was "It can't be done because of policy based routing".

Is this really not possible?   Thanks in advance for any wisdom you can provide.

We are providing connectivity for the via a GigE fiber from our Cisco 6509s (running in hybrid mode) in our core.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 3 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 3 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros