Campus Switching and Routing

Reply
Contributor I
Posts: 80
Registered: ‎04-29-2013

Connecting ASA to ArubaS1500-12P

Maybe I've been staring at it for too long, I don't know.... I have a lab that is segreated from production via an ASA firewall. The lab was 'working', but without all of the functionality I required, with the connections going from the ASA, into a Cisco 3750, and from there to the ArubaS1500. Since the devices I am testing in the lab reside on the 3750, I feel that a better connection scheme would be to connect the ASA directly to the MAS. So, I disconnected the cable from the ASA to the 3750 on the 3750 side (port Fa1/0/48 as you will see below) and plugged it into the MAS instead (G0/0/3). Since, I have been tweaking configurations on both the ASA and the MAS trying to get a connection. Both devices' interfaces are reporting as down/down. The relevant (hopefully all of it) configuration is pasted below. I am sure that there is just a simple tweak to make this work, but I am at a loss for what that tweak is.

 

Thanks,

Russell

 

********************************************************
**  NOT WORKING MAS TO FIREWALL                    *****
********************************************************

interface-profile switching-profile "Trunk-to-FW"
   switchport-mode trunk
!
interface-profile poe-profile "power-off"
!
interface-profile enet-link-profile "GbFull"
   speed 1000
   duplex full
   no autonegotiation
!
interface gigabitethernet "0/0/3"
   poe-profile "power-off"
   enet-link-profile "GbFull"
   switching-profile "Trunk-to-FW"
!

********************************************************
**  MAS TO CISCO SWITCH              (works)       *****
********************************************************

interface-profile switching-profile "trunk"
   switchport-mode trunk
   native-vlan 427
!
interface gigabitethernet "0/0/0"
   switching-profile "trunk"
!


********************************************************
**  Cisco to MAS                     (works)       *****
********************************************************
interface FastEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 427
 switchport trunk allowed vlan 1-425,427-525,527-4094
 switchport mode trunk

 

********************************************************
**  FW     (works to Cisco, not connecting to MAS) *****
********************************************************
interface GigabitEthernet0/3
 speed 1000
 duplex full
 no nameif
 security-level 75
 no ip address
!
interface GigabitEthernet0/3.427
 vlan 427
 nameif V427
 security-level 75
 ip address 10.75.92.1 255.255.254.0
!

********************************************************
**  Cisco to FW                       (works)      *****
********************************************************
interface FastEthernet1/0/48
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree portfast
 spanning-tree bpduguard enable
!

 

Contributor I
Posts: 80
Registered: ‎04-29-2013

Re: Connecting ASA to ArubaS1500-12P

Oh, for the love of Pete...I had a co-worker move the cable for me...did I mention I am remote?...anyway, I called to verify today "The ASA is now plugged directly into the MAS, right?" Response "No, I plugged the 3750 into the ASA." 

 

 

HAHA....

 

So, ~10 hours of headscratching, one 90 second phone call, the cable gets moved, I am up and cooking. 

Search Airheads
Showing results for 
Search instead for 
Did you mean: