Cisco ASA Pre 8.3

I have ASA Pre 8.3 with base license. I have  a layer 3 switch SG300-20.

I have network on the ASA 192.168.0.0 and I have the switch set as 192.168.0.249.

I have another network in VLAN 2 on the switch as 192.168.9.2

Problem.....

I cannot get the route working for the ASA so that I can route traffic to the layer 3 so that people on VLAN 1 - 192.168.0.0 to ping anything on 192.168.9.0 network and vice versa.

I tried route inside 192.168.9.0 255.255.255.0 192.168.0.249

Nothing...

Note: these vlans are untagged I have not tagged them yet as I dont know if the ASA will like it.
desiredforsomeAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

desiredforsomeAuthor Commented:
Update : I fixed route. I can ping 192.168.9.2 from the ASA I cannot ping 192.168.9.2 from a pc on the LAN and from the ASA I cannot ping my host 192.168.9.5 from the switch or the ASA.

The computer plugged into the VLAN 2 can get on the internet and can ping hosts on the 192.168.0.0 network.
desiredforsomeAuthor Commented:
Looks like I can do it if I set all the ports to untagged and make them access ports. but is there a way in my layer 3 switch to have them tagged vlans that can talk to eachother?

My switch does routing. But when I throw the VLAN1 in Tagged and VLAN 2 in tagged they dont work.
naderzCommented:
1. You want all the "hosts" to be connected to "untagged" ports belonging to the correct VLAN.
2. You need to create one interface for each VLAN on the switch with a proper IP address for that VLAN's subnet. This IP address will serve as your default gateway for the hosts.
3. You will also need a default route pointing to the ASA for all Internet-bound traffic.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Benjamin Van DitmarsSr Network EngineerCommented:
you also need to make routes in the ASA for the way back. like

vlan 1 ip gateway switch
vlan 2 ip gateway switch
vlan 3 ip gateway switch
etc

else youre traffic does not have a return path
desiredforsomeAuthor Commented:
It was confusion the hosts were workign but some perhipherals werent that were not vlan friendly
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Cisco

From novice to tech pro — start learning today.