cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
21786
Views
0
Helpful
15
Replies

Asymmetric Routing Issue

AkbarAliSheikh
Beginner
Beginner

Hi All,

I'm currently having asymmetric routing issue on my network. We are taking over few departments of a company. Currently the users access our servers via public Internet which are Nated back to our private addresses on our network. This company for some wired reason is using public IP addressing internally. We have installed a LES point to point link with this company so that the users can access the network resources directly. I have installed a firewall between us and them. Company's current networks team doesn't want to use our private addressing over their network hence I had to Nat few of our server IPs to public IP addresses to be available on their network.

The issue is when the users need to connect to any of the other servers then come through our public facing firewall and then to our core. In order to forward the traffic to the LES link firewall I had to route the traffic to it which automatically routes the traffic coming from the company's network via our public firewall hence creating a asymmetric route on the way back.

Ideally the traffic coming from public firewall should go back to the source same way and the traffic coming from LES firewall should go back to the source same way. Can someone advise how can I route the traffic for company's network (10.134.x.x) back out the same way as it came, either via public firewall or the LES link firewall?

Many thanks in advance.

1 Accepted Solution

Accepted Solutions

Thanks,

Simple;

Policy base route traffic from the source IP's of the red servers back to the public firewall. In the order of operation PBR comes before routing so should work.

Simon

View solution in original post

15 Replies 15

Simon Brooks
Beginner
Beginner

Can you supply a quick diagram. I have to admit I cant understand what you've described.


Sent from Cisco Technical Support Android App

Hi,

Please see below the diagram. Hope it makes sense.

Thanks,

Simple;

Policy base route traffic from the source IP's of the red servers back to the public firewall. In the order of operation PBR comes before routing so should work.

Simon

Hi Simon,

Thank you for your reply.

The company users are base on 10.146.0.0/16 range hence will it be possible to route the entire traffic for both these server groups?