Communication of Nexus in VPC with Checkpoint firewall

bibek_deo
Level 1


Dear All,

Please refer to the diagram and suggest.

1. There is L3 connectivity between Cisco 4431 and Nexus 3k1 (the IP is configured on the physical interface of the switch; there is no HSRP configured on the router or switch).

2. There is L3 connectivity between Cisco ASR 1002 and Nexus 3k2 (the IP is configured on the physical interface of the switch; there is no HSRP configured on the router or switch).

3. There are 2 * /24 public subnets. The L3 interface is configured on the switch for one subnet, and for the second subnet the L3 interface is on the firewall.

4. The connectivity between the firewall and the switch is through IPs used from the first subnet.

5. There is HSRP configured on the switch on the SVI interface for the 1st subnet.

6. Port channel is configured on the firewall, and two ports from each firewall are connected to Switch 1 and Switch 2 (VPC is configured on the switches, and the ports from each switch towards a firewall are part of the same VPC).

7. There is IBGP configured between Switch 1 and Router 1, Switch 2 and Router 2, Router 1 and Router 2, and Switch 1 and Switch 2.

8. There is a static route from R1 towards Sw1 for one subnet and from R2 towards Sw2 for another subnet.

9. Prefix list - for 1st subnet and /23 is allowed in IBGP between Switch 2 and Router 2, and prefix list - for 2nd subnet and /23 is allowed in IBGP between Switch 1 and Router 1.

10. BGP is running on the WAN.

We have tried to implement this but have seen the following issues.

1. The IP of the first /24 subnet was not pinging from outside, whereas the second /24 subnet was reachable from the public network.

2. Not sure if routing is the issue or VPC is the issue.

3. Not sure VPC works between Nexus and Checkpoint.

Request you to check and let me know the solution.

 Regards 

Bibek

 

 

 
