Hello Mohammed,

by default the asa firewall is on routed mode, this will lead to use different Ip address ( on different broadcast domains) on each of it's interfaces.

What you are looking for is to have the ASA in transparent mode,

http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a008089f467.shtml

http://blog.ine.com/2008/09/29/transparent-mode-firewall-guidelines/

remember to rate all of the helpful posts

Hope this helps

Julio

Hello Mohammed,

I have no access to a box right now,

Is there a way you could open a case with TAC so we can configure it for you from scratch?

Regards

Hello Mohammed,

what version you have on your ASA?

Hello Mohammed,

let's say you will connect the interface fas 0/0 to the cisco router ( outside) , then the fas 0/1 to the inside MPLS

conf te

ip address 10.7.10.4  255.255.252.0

int fast 0/0

nameif outside

no shut

interface  fast 0/1

nameif inside

no shut

route outside 0.0.0.0 0.0.0.0 10.7.10.2 ( This is for traffic to the asa or from the asa itself)

In your scenario the inside users will use the MPLS router as their default gateway but if they want to go to the internet they must go to the outside cisco router and for that they must go through the asa

got it?

Regards

Hello,

there is none, that is the purpose of this configuration,

the same ip will be used on both inside and outside,

read the documents I provide you for further explanation

regards

MPLS router------ASA------Cisco Router

        All of this is on the same broadcast domain

Hello,

You can do it on the ASA ( NAT on transparent mode is supported as long as you do not use the managment ip address , in this case is 10.7.10.4..

Example of nat

static ( inside,outside) 10.7.10.50 x.x.x.x (   here it goes the real ip address )

regards