ASA 5510 and Cisco 2811 router dot1Q?

By kris ·
My question is this: Our ISP has assigned us with a single network segment of x.x.28.x/29. We then needed more public IP's so we requested another /29 octet. They then assigned us x.x.27.x/29. Our current setup is the MPLS Internet connection demark, to a Cisco 2811 Router that has a WAN ip of a /30 and an inside ip of the /29. Then from that it goes to a Cisco ASA 5510 with the outside ip another public /29, and the inside is a 172 addressing scheme. My question is, with the new network set they gave us, can I configure dot1q in between the router and the ASA to get both networks over that link then configure the translation on the ASA? If so, how? Any help is appreciated! THANKS A MIL!! Kris

This conversation is currently closed to new comments.

4 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

Re: ASA 5510 and Cisco 2811 router dot1Q?

by aiwamoto In reply to ASA 5510 and Cisco 2811 r ...

I have configured ASAs to use trunking on inside interfaces coming from a L3 switch so I don't see why you couldn't do the same for an outside interface. You would just have different ACLs for each sub-interface for each assigned IP block. The only potential challenge is if you need to map two different public IPs to the same internal IP. I don't think that is a problem based on your description as you just needed more IPs not getting more for redundancy.

Personally, I would just get a new /28 block and make all the necessary DNS changes but maybe that's not possible for your environment.

Collapse -

Wish that was the case...

by kris In reply to Re: ASA 5510 and Cisco 28 ...

I wish this was the case, but i don't think my ISP will allow getting a /28. I've tried configuring the dot1q, but i can't get it to talk. I just want to know if its possible to set that up between the Router and the ASA over the same link. Both of the new address sets go back to the same gateway....So i figured it would work, then the ASA would do the NAT for the public to private IP's. Its just how to get it configured...that is the question. Thanks for your reply!

Collapse -

Yes, but might be better alternative

by career In reply to ASA 5510 and Cisco 2811 r ...

Yes, the 2811 should support trunking but might have to upgrade software. I know with the 2600s, you needed the "IP Plus" feature set.

However, it should be possible to just route the new /29 to the ASA's outside IP, then use NAT/PAT commands on the ASA just as if there was a new interface.

Back to Networks Forum
4 total posts (Page 1 of 1)  

Related Discussions

Related Forums