08-02-2017 03:08 PM - edited 03-05-2019 08:56 AM
I am trying to consolidate the number of potential failures on my network by removing an extra router in my setup if possible.
Currently, I have two internet connections coming in. One for public internet, and one for private internet (MPLS). Both connections are routed over /30 networks. In this example, I'll say my public internet comes in on the 1.1.1.1/30 network, and my private network comes in on the 10.255.0.0/30 network. The public network has a network range of 2.2.2.2/28 routed over it for public IP use locally. The private network has the 10.0.0.0/16 network routed over it for local IPs at the given site. See attached image for a better visualization.
There are two Cisco devices currently set up in order to make this work: a Cisco 3560C and a Cisco 3750.
I'd like to remove the Cisco 3560 out of the equation, but I cannot figure out a good way to remove it and keep the routing tables such that I can route the MPLS traffic through my firewall. I'd like to keep the IPs 1.1.1.2 and 10.255.0.2 as IPs on my switch so that I can access the switch remotely if my firewall went down. I would use ACLs to only allow access from certain locations as a security measure.
Any ideas on how I can get the desired setup to work? Or should I take a whole different approach?
Your insight and comments would be greatly appreciated! Thanks in advance!