Wired

last person joined: 16 hours ago 

Bring performance and reliability to your network with the Aruba Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of the ArubaOS-Switch and ArubaOS-CX devices, and find ways to improve security across your network to bring together a mobile first solution.
Expand all | Collapse all

Connecting ASA to ArubaS1500-12P

Jump to Best Answer
  • 1.  Connecting ASA to ArubaS1500-12P

    Posted Apr 17, 2015 06:34 AM

    Maybe I've been staring at it for too long, I don't know.... I have a lab that is segreated from production via an ASA firewall. The lab was 'working', but without all of the functionality I required, with the connections going from the ASA, into a Cisco 3750, and from there to the ArubaS1500. Since the devices I am testing in the lab reside on the 3750, I feel that a better connection scheme would be to connect the ASA directly to the MAS. So, I disconnected the cable from the ASA to the 3750 on the 3750 side (port Fa1/0/48 as you will see below) and plugged it into the MAS instead (G0/0/3). Since, I have been tweaking configurations on both the ASA and the MAS trying to get a connection. Both devices' interfaces are reporting as down/down. The relevant (hopefully all of it) configuration is pasted below. I am sure that there is just a simple tweak to make this work, but I am at a loss for what that tweak is.

     

    Thanks,

    Russell

     

    ********************************************************
    **  NOT WORKING MAS TO FIREWALL                    *****
    ********************************************************
    
    interface-profile switching-profile "Trunk-to-FW"
       switchport-mode trunk
    !
    interface-profile poe-profile "power-off"
    !
    interface-profile enet-link-profile "GbFull"
       speed 1000
       duplex full
       no autonegotiation
    !
    interface gigabitethernet "0/0/3"
       poe-profile "power-off"
       enet-link-profile "GbFull"
       switching-profile "Trunk-to-FW"
    !
    
    ********************************************************
    **  MAS TO CISCO SWITCH              (works)       *****
    ********************************************************
    
    interface-profile switching-profile "trunk"
       switchport-mode trunk
       native-vlan 427
    !
    interface gigabitethernet "0/0/0"
       switching-profile "trunk"
    !
    
    
    ********************************************************
    **  Cisco to MAS                     (works)       *****
    ********************************************************
    interface FastEthernet1/0/2
     switchport trunk encapsulation dot1q
     switchport trunk native vlan 427
     switchport trunk allowed vlan 1-425,427-525,527-4094
     switchport mode trunk
    
     
    
    ********************************************************
    **  FW     (works to Cisco, not connecting to MAS) *****
    ********************************************************
    interface GigabitEthernet0/3
     speed 1000
     duplex full
     no nameif
     security-level 75
     no ip address
    !
    interface GigabitEthernet0/3.427
     vlan 427
     nameif V427
     security-level 75
     ip address 10.75.92.1 255.255.254.0
    !
    
    ********************************************************
    **  Cisco to FW                       (works)      *****
    ********************************************************
    interface FastEthernet1/0/48
     switchport trunk encapsulation dot1q
     switchport mode trunk
     spanning-tree portfast
     spanning-tree bpduguard enable
    !

     



  • 2.  RE: Connecting ASA to ArubaS1500-12P
    Best Answer

    Posted Apr 17, 2015 10:00 AM

    Oh, for the love of Pete...I had a co-worker move the cable for me...did I mention I am remote?...anyway, I called to verify today "The ASA is now plugged directly into the MAS, right?" Response "No, I plugged the 3750 into the ASA." 

     

     

    HAHA....

     

    So, ~10 hours of headscratching, one 90 second phone call, the cable gets moved, I am up and cooking.