• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 868
  • Last Modified:

VLAN trunking between ASA and Cat2950

I have 2 sites. The is connected via IpSec VPN with ASA5505. There are roughly 10 servers and 50 work stations connected to the Cat2950s on each site. It is setup as daisy chain in a flat network.

My goal is to remove daisy chain and create vlans for separation.

I defined VLANs and trunked them one of the interface in ASA.
interface Ethernet0/2
description trunk-to-switch1-0/23
 switchport trunk allowed vlan 50,80,100,500,800
 switchport mode trunk

Open in new window

interface FastEthernet0/23
 description uplink-to-asa
 switchport mode trunk
 switchport nonegotiate
 mls qos trust cos
 auto qos voip trust 
 macro description cisco-desktop
 spanning-tree link-type point-to-point

Open in new window

Do I need to define the vlans on all 2950s? Should I use route-on-a stick?
2 Solutions
Don JohnstonInstructorCommented:
Do I need to define the vlans on all 2950s?
The VLANs need to be defined on any switches they will be transiting. The VLANs also need to be allowed on any trunks they will be crossing.

Should I use route-on-a stick?
Hard to say with out more information. If inter-VLANs communication is required, then it will need to be done on a router or the ASA.
Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
VLANs must be defined on the switches.  Since you will be using router on a stick, VLANs must be defined for each sub-interface.  This will ensure the PCs can reach the default gateway.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get Certified for a Job in Cybersecurity

Want an exciting career in an emerging field? Earn your MS in Cybersecurity and get certified in ethical hacking or computer forensic investigation. WGU’s MSCSIA degree program was designed to meet the most recent U.S. Department of Homeland Security (DHS) and NSA guidelines.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now