asked on

VLAN to carry ISP to Cisco ASA using 3COM 4200 Switch

I have a Cisco ASA in Building “A” with an MPLS network and 3COM 4200 switch.
Building “B” is connected via fiber using media converters with a 3COM 4200 switch.
I now have a failover ISP which could only be located in building “B”. I want to create a VLAN from building “B” to building “A” so that I can pass the ISP to the Cisco ASA in building “A”.

So far what I have done –
Building “A” 3COM Switch
Created VLAN 15
Added port 12 to VLAN 15 untagged
Plugged port 12 into the ASA

Building “B” 3COM Switch
Created VLAN 15
Added port 12 to VLAN 15 untagged
Plugged port 12 into the cable modem

I cannot see/ping the ASA from the outside world. Also place other item on this port and could not ping it.

BTW – Internal network = 10.10.100.0. ISP = 50.74.61.65/29

Do I need to do anything with the 3COM ports where the media converters are plugged in ?

Thanks!
Mountaineer*

rauenpc

The connection between the 3com switches need to be in port mode hybrid, and then you will specify which vlans are allowed as well as which are tagged and untagged. Only one vlan can be untagged. This means that at the very least vlan 15 and whichever vlan is already defined on the port need to be allowed.

So if vlan 1 normally carried data and you only needed to add vlan 15 to carry the ISP traffic:

int eth 1/0/1
port link-type hybrid
port hybrid vlan 1 untagged
port hybrid vlan 15 tagged
port hybrid pvid vlan 1

MountaineerWV

ASKER

Thanks. I "see" what you are saying and should not be rocket science.

I am dealing with 3COM 4200 switches (not 4200G)

do you know the telnet command line interface commands?

How do I impose "port link-type hybrid"?

Thanks!

ASKER CERTIFIED SOLUTION

rauenpc

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

MountaineerWV

ASKER

Was this for a 3COM 4200? (not 4200G)?

MountaineerWV

ASKER

Thanks!