cancel
Showing results for 
Search instead for 
Did you mean: 

Cisco ASA 5508 in combination with a Meraki 225

SOLVED
Highlighted
Comes here often

Cisco ASA 5508 in combination with a Meraki 225

Hi Guys,

 

I need some help im configuring a Cisco ASA in combination with Meraki Switch

 

On the ASA i have configured some vlan interfaces for example vlan 4 (no dhcp)

 

now i connect the interface vlan 4 to the switch port 1 in trunk mode native vlan 1 and allowed vlan 4.

the switch is in static mode on the subnet of vlan 4 but i got no connection to the switch (switch down)

 

what im i doing wrong?

Tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Kind of a big deal

Re: Cisco ASA 5508 in combination with a Meraki 225

This mostly spells it out.  

https://documentation.meraki.com/MS/Port_and_VLAN_Configuration/Recommended_Configuration_for_Trunk_...

 

Just make sure the physical interface you are configuring at the trunk is the actual interface connected to your switch trunk and not a sub interface. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
9 REPLIES
Kind of a big deal

Re: Cisco ASA 5508 in combination with a Meraki 225

Is the interface on the ASA configured as a trunk port? It sounds like you may have it as an access port on the ASA side but trunk on the MS side. 

 

In general, MS switches want to tag their management traffic. 

MRCUR | CMNO #12
Comes here often

Re: Cisco ASA 5508 in combination with a Meraki 225

Hi MRCUR thanks for your reply

 

below asa interface (i have vlan 4 this is another vlan as example) and the meraki switch port
asa int.JPGmeraki.JPG

 

ww
Head in the Cloud

Re: Cisco ASA 5508 in combination with a Meraki 225

so you setup the meraki switch on the local status page with gw to the asa?  can you ping the meraki management ip from the asa? 

Comes here often

Re: Cisco ASA 5508 in combination with a Meraki 225

I have enter in the LAN IP

 

the ip address XXX.XXX.4.XXX

vlan to 4

subnet 255.255.255.0

Gateway XXX.XXX.4.1 (ip address of the interface of the asa with vlan 4 setup)

DNS XXX.XXX.4.XXX

 

Kind of a big deal

Re: Cisco ASA 5508 in combination with a Meraki 225

In the ASA screenshot the VLAN ID is 46 - not 4.
Comes here often

Re: Cisco ASA 5508 in combination with a Meraki 225

Correct is an example of an other asa

Comes here often

Re: Cisco ASA 5508 in combination with a Meraki 225

Does anyone has an example of connecting asa to merak with asa has the vlan interfaces?

Kind of a big deal

Re: Cisco ASA 5508 in combination with a Meraki 225

Do you have a notebook or desktop with a NIC that supports VLAN tags?  If so, I would plug a notebook directly into the ASA with a VLAN tag of 4 and machine sure you can access the Internet.  This will verify the NAT and access-rules on the ASA allow that VLAN to get to the Internet.

 

I believe your tagging and trunking configuration are correct. I am more suspicious that the ASA is now allowing the traffic out.

 

 

On the MS does the local status page give any reason?  For example, does it say it has a DNS problem, or a default gateway problem, etc?

Kind of a big deal

Re: Cisco ASA 5508 in combination with a Meraki 225

This mostly spells it out.  

https://documentation.meraki.com/MS/Port_and_VLAN_Configuration/Recommended_Configuration_for_Trunk_...

 

Just make sure the physical interface you are configuring at the trunk is the actual interface connected to your switch trunk and not a sub interface. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Labels