Wired Intelligent Edge

last person joined: 8 hours ago 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

Connecting ASA to ArubaS1500-12P

This thread has been viewed 0 times

  • 1.  Connecting ASA to ArubaS1500-12P

    Posted Apr 17, 2015 06:34 AM

    Maybe I've been staring at it for too long, I don't know.... I have a lab that is segreated from production via an ASA firewall. The lab was 'working', but without all of the functionality I required, with the connections going from the ASA, into a Cisco 3750, and from there to the ArubaS1500. Since the devices I am testing in the lab reside on the 3750, I feel that a better connection scheme would be to connect the ASA directly to the MAS. So, I disconnected the cable from the ASA to the 3750 on the 3750 side (port Fa1/0/48 as you will see below) and plugged it into the MAS instead (G0/0/3). Since, I have been tweaking configurations on both the ASA and the MAS trying to get a connection. Both devices' interfaces are reporting as down/down. The relevant (hopefully all of it) configuration is pasted below. I am sure that there is just a simple tweak to make this work, but I am at a loss for what that tweak is.

     

    Thanks,

    Russell

     

    ********************************************************
**  NOT WORKING MAS TO FIREWALL                    *****
********************************************************

interface-profile switching-profile "Trunk-to-FW"
   switchport-mode trunk
!
interface-profile poe-profile "power-off"
!
interface-profile enet-link-profile "GbFull"
   speed 1000
   duplex full
   no autonegotiation
!
interface gigabitethernet "0/0/3"
   poe-profile "power-off"
   enet-link-profile "GbFull"
   switching-profile "Trunk-to-FW"
!

********************************************************
**  MAS TO CISCO SWITCH              (works)       *****
********************************************************

interface-profile switching-profile "trunk"
   switchport-mode trunk
   native-vlan 427
!
interface gigabitethernet "0/0/0"
   switching-profile "trunk"
!


********************************************************
**  Cisco to MAS                     (works)       *****
********************************************************
interface FastEthernet1/0/2
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 427
 switchport trunk allowed vlan 1-425,427-525,527-4094
 switchport mode trunk

 

********************************************************
**  FW     (works to Cisco, not connecting to MAS) *****
********************************************************
interface GigabitEthernet0/3
 speed 1000
 duplex full
 no nameif
 security-level 75
 no ip address
!
interface GigabitEthernet0/3.427
 vlan 427
 nameif V427
 security-level 75
 ip address 10.75.92.1 255.255.254.0
!

********************************************************
**  Cisco to FW                       (works)      *****
********************************************************
interface FastEthernet1/0/48
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree portfast
 spanning-tree bpduguard enable
!

     



  • 2.  RE: Connecting ASA to ArubaS1500-12P
    Best Answer

    Posted Apr 17, 2015 10:00 AM

    Oh, for the love of Pete...I had a co-worker move the cable for me...did I mention I am remote?...anyway, I called to verify today "The ASA is now plugged directly into the MAS, right?" Response "No, I plugged the 3750 into the ASA." 

     

     

    HAHA....

     

    So, ~10 hours of headscratching, one 90 second phone call, the cable gets moved, I am up and cooking.