Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
845
Views
0
Helpful
3
Replies

MPLS - Transition / Migration

Go to solution
Drew15
Level 1
Level 1

‎05-09-2023 09:18 PM

Hello,

Soon, within the next 6 months, we will be migrating to full a MPLS network. The plan is to put all our field offices on to MPLS.

However it will occur in stages over several months. My pressing concern is how to connects six field offices to MPLS that will be trunked to our Headquarters in different geographic area.

Current Setup:
Remote Regional Office in Florida has A VLAN trunk back to our Headquarters in Montana on a Sonnet Network.
- The Florida office has six field offices. Each field office is on its own separate subnet behind either a ISR 4300 router or Cisco 9300 switch or both (9300 behind the 4300). Ex 192.168.1.x, 192.168.2, ect.
- Each field office has a direct fiber connection to the Florida Regional office Coms room and linked to the access switch trunked back to Montana.
- All network traffic is trunked back to Montana for file access/storage, email, network scanning, internet access, etc.. Basically, all traffic goes back to and through Montana.


The scenario
- We have no testing environment
- The MPLS network will be setup on all new network equipment. 3310 Firepower replacing ISR4300 and 9200 switches replacing our Cisco 9300 switches.
- At first the MPLS network will be configure between Florida and Montana, only , as these are the first two MPLS circuits to be delivered. They will be linked with a New Firepower 3130 firewalls.
- The MPLS circuits for the other six Florida Filed offices will be linked Firepower 1120.- But there will be a lag between configuring MPLS network between Florida and Montana and then adding the other field sites in Florida.

The questions:
- What is the best way to connect the (soon to be legacy equipment) to the new MPLS network at the Florida field offices so that they can operate BAU with Montana until their respective MPLS circuits arrive. Will I need to change IP address or range? I can’t find and sensible/ relevant config changes that shed light on what should be done on the 9300 or 4300 to interface them with the MPLS network.

- When the new gear arrives for the Field Offices, I think it will be a somewhat straight forward config / switch over / testing process. Will put new IP address ranges on the gear to differentiate. But is there anything I should be concerned about?

- Also, in the future we expect a few ‘Pop-up’ field offices that we plan to support with C1111 ISR routers. In these cases, we will install a commercial ethernet service at the site. What is the optimum way to connect these ‘pop-up’ sites to our MPLS network at the Florida Regional Office? VPN? or is there a better option that would allow the users to interact seamlessly with the enterprise network?


Thank you in advance for your input and advice.

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
M02@rt37
VIP
VIP

‎05-09-2023 11:05 PM - edited ‎05-09-2023 11:06 PM

Hello @Drew15,

You have a complex network environment, and the migration to MPLS will require careful planning and coordination. Thanks for that sharing.

Without having all the whole view, here what I could advice.

--To connect the legacy equipment at the Florida field offices to the new MPLS network, you should be able to keep the existing IP addresses and ranges. You will need to configure the appropriate VLANs and subnets on the new switches and firewalls to match the existing network topology. You may need to configure the legacy equipment with new default gateways to point to the new firewalls, but the IP addresses of the equipment should remain the same. You should also ensure that the existing VLAN trunks from the access switches to the regional office are maintained and extended to the new firewalls.

--When the new gear arrives for the field offices, you will need to configure the new switches and firewalls with the appropriate VLANs and subnets to match the existing network topology. You should also configure the new equipment with new IP addresses to differentiate them from the legacy equipment. Once the new equipment is configured, you can perform testing to ensure that the network is functioning correctly before switching over to the new equipment.

--For the pop-up field offices that will be supported with C1111 ISR routers, the optimum way to connect them to your MPLS network at the Florida regional office would be to configure site-to-site VPN tunnels between the C1111 routers and the new firewalls. This will allow the users at the pop-up sites to interact seamlessly with the enterprise network over the VPN tunnels. You will need to ensure that the appropriate VLANs and subnets are configured on the C1111 routers to match the existing network topology, and that the VPN tunnels are properly configured to establish connectivity between the pop-up sites and the Florida regional office.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
M02@rt37
VIP
VIP

‎05-09-2023 11:05 PM - edited ‎05-09-2023 11:06 PM

Hello @Drew15,

You have a complex network environment, and the migration to MPLS will require careful planning and coordination. Thanks for that sharing.

Without having all the whole view, here what I could advice.

--To connect the legacy equipment at the Florida field offices to the new MPLS network, you should be able to keep the existing IP addresses and ranges. You will need to configure the appropriate VLANs and subnets on the new switches and firewalls to match the existing network topology. You may need to configure the legacy equipment with new default gateways to point to the new firewalls, but the IP addresses of the equipment should remain the same. You should also ensure that the existing VLAN trunks from the access switches to the regional office are maintained and extended to the new firewalls.

--When the new gear arrives for the field offices, you will need to configure the new switches and firewalls with the appropriate VLANs and subnets to match the existing network topology. You should also configure the new equipment with new IP addresses to differentiate them from the legacy equipment. Once the new equipment is configured, you can perform testing to ensure that the network is functioning correctly before switching over to the new equipment.

--For the pop-up field offices that will be supported with C1111 ISR routers, the optimum way to connect them to your MPLS network at the Florida regional office would be to configure site-to-site VPN tunnels between the C1111 routers and the new firewalls. This will allow the users at the pop-up sites to interact seamlessly with the enterprise network over the VPN tunnels. You will need to ensure that the appropriate VLANs and subnets are configured on the C1111 routers to match the existing network topology, and that the VPN tunnels are properly configured to establish connectivity between the pop-up sites and the Florida regional office.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.
0 Helpful

Go to solution
Joseph W. Doherty
Hall of Fame
Hall of Fame

‎05-10-2023 02:47 AM

MPLS WAN networks often come in two "flavors", the WAN is using MPLS in either, but does your CE exchange MPLS labels with the PE router or not?

Is the WAN your links or a service provider's?

What routing protocol(s) will you be using?

0 Helpful

Go to solution
Drew15
Level 1
Level 1
In response to Joseph W. Doherty

‎05-14-2023 09:57 PM

Hello Joseph,

Thank you for your message.  Yes, our CE will exchange labels with the PE router.

We will be using EIGRP and OSPF all statically set.

 

0 Helpful
Customers Also Viewed These Support Documents