One of the problem people often run into when they start working with ASA 5505 is the
Inability to connect with the Switch without Security plus license as Trunking is not supported without it. What will you do if you have the following scenario?
Consider PC1 is connected with Switch1 and PC2 is connected with Switch2. Lets assume that Switch1 is your ASA 5505 running base IOS that means it uses a 8 port switch and instead of Int e0 or e0/0 you got to work with “Int vlan1,” “Int vlan2”.
The default is e0/0 being part of Vlan2 and rest e0/1 to e0/7 being part of vlan1.
Some of the candidates who are preparing for CCIE Security wants to go for 5505 because of the price and they run into the problem connecting their topology as you can’t have every device connected directly with ASA5505.
You have switch2 connected with E0/0(vlan 2) and E0/1(vlan 1) of ASA 5505
So here is a simple workaround and please excuse me for the absense of a drawing
E0/0 is preconfigured with
Switchport access vlan 2
E0/1 is preconfigured with
Switchport access vlan 1
Switch 2 is capable of trunking take the interface going into E0/0 configure it with
Switchport trunk encapsulation dot1q
Swithport mode trunk
Switchport trunk native vlan 2
Put any device in vlan2 on switch 2 and ping E0/0 on ASA5505 it will work so you can save your money for Security plus license for other equipments.
Chandan Sharma
|
