Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Cisco > Inter-LAN routing

Reply
Thread Tools

Inter-LAN routing

 
 
mowmentous
Guest
Posts: n/a
 
      06-07-2006
We will soon be moving some servers over to a datacentre, and i am
trying to figure out how we will route between the two locations. Here
is a description of what we will need to do:


Office <->Cisco ASA5520 <-----> Cisco ASA5520<->Datacentre


Office subnet: 10.10.10.0/24

Office ASA: 1
Datacentre ASA: 2

the line between the 2 ASA's is a 'private' fibre connection.

ASA1 LAN ip is 10.10.10.1
ASA1 fibre ip is 10.10.20.1
ASA2 fibre ip is 10.10.20.2
ASA2 LAN ip is open

I have three questions:
1) Can I run the 10.10.10.0/24 subnet in the datacentre? If so, how
does this compare (efficiency, security, convenience) with choosing a
different subnet. Choosing a different subnet is not that big a deal
considering what we're doing, but not having to do so would save us
from having to change a whole bunch of server ip addresses over.

2) How do I go about configuring the routing between the two ASA's to
allow the traffic to flow in both directions unrestricted? Only
unicast traffic is necessary.

3) If NAT is necessary, what type of NAT (or PAT) should I be using?

Thanks in advance.

-Adrian

 
Reply With Quote
 
 
 
 
anybody43@hotmail.com
Guest
Posts: n/a
 
      06-08-2006
mowmentous wrote:
> We will soon be moving some servers over to a datacentre, and i am
> trying to figure out how we will route between the two locations. Here
>
> Office <->Cisco ASA5520 <-----> Cisco ASA5520<->Datacentre
> Office subnet: 10.10.10.0/24
>
> Office ASA: 1
> Datacentre ASA: 2
>
> the line between the 2 ASA's is a 'private' fibre connection.
>
> ASA1 LAN ip is 10.10.10.1
> ASA1 fibre ip is 10.10.20.1
> ASA2 fibre ip is 10.10.20.2
> ASA2 LAN ip is open
>
> I have three questions:
> 1) Can I run the 10.10.10.0/24 subnet in the datacentre? If so, how
> does this compare (efficiency, security, convenience) with choosing a
> 3) If NAT is necessary, what type of NAT (or PAT) should I be using?


Hi,

I am not familiar with the ASA but I scanned the
brochure.

THe tidy thing to do is to use a different subnet for the ASA2 LAN.
There may be workarounds for this but do you want
to start out a new data centre with workarounds
in critical areas of the design?

If you dont want any security maybe you have the wrong platform?

I frankly would consider 3750 switch. They you can change to
GBE (unless you have that already?) if your bandwidth
requirement grows.

3750 is wire speed IP router as well as a L2 switch.

 
Reply With Quote
 
 
 
 
keshav keshav is offline
Junior Member
Join Date: Jun 2006
Posts: 15
 
      06-25-2006
If all your servers in datacenter , you can configure default route on ASA1 and have reverse route on ASA2 taking into consideration that the internet gateway is connected from the datacenter through ASA2.

In this case for browsing ,you need to do a PAT on ASA2 and for accessing the servers from outside ,configure static nat on ASA2.

Dont do any natting in ASA1 (make ASA1 work like a router with access-list and routing alone.

Another option would be to configure static identity nat on ASA1 to force traffic to flow between different security zones in pix.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
intervlan routing and policy routing C3750 or C 4948 Sied@r Cisco 3 10-20-2005 08:42 PM
VERY odd routing behavior when attempting VPN connections over Wifi Robert Gordon Wireless Networking 0 08-25-2005 04:04 PM
Routing problem Acuriensis Wireless Networking 2 07-25-2005 06:23 PM
integrating new 3550 with routing into existing routing structure? joeblow Cisco 3 03-14-2005 08:50 AM
exchange routes between global IP routing table and VRF routing table zher Cisco 2 11-04-2004 11:28 PM



Advertisments