
Bypassing Firewall - Network Management

pauldozancuk
Level 1

Hello everyone,

I would like to push a route for admin services (Vlan20) to bypass the firewall via another connection (CSI to CSE).

So my first choice was to create a route-map in (CSI), but I don't know how to do it.

On my firewall ASA, I don't have any Context License; that is why I would like to do it like this.

I have included some part of my initial configuration of CSI and CSE and a diagram.

Does anyone know if this would work? Or does anyone have a better way of doing this?

Any help would be appreciated!

Thanks

Paul

CSI configuration (Switch L3 3750)

interface GigabitEthernet1/0/1
 description To ASA
 no switchport
 ip address 10.22.250.18 255.255.255.252
!
interface GigabitEthernet1/0/2
 description To CSE
 no switchport
 ip address 10.22.250.22 255.255.255.252
!
interface Vlan10
 description Employees
 ip address 10.22.23.254 255.255.252.0
!
interface Vlan20
 description Admin
 ip address 10.22.239.254 255.255.252.0
!
router eigrp 1
 passive-interface default
 no passive-interface GigabitEthernet1/0/1
 network 10.0.0.0
 no auto-summary

CSE configuration (Router 2811)

interface FastEthernet0/0
 description To ASA
 ip address 10.22.250.14 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description To CSI
 ip address 10.22.250.21 255.255.255.252
 duplex auto
 speed auto
!
router eigrp 1
 passive-interface default
 no passive-interface FastEthernet0/0
 redistribute static
 network 10.0.0.0
 no auto-summary
!
ip route 0.0.0.0 0.0.0.0 Dialer0 (+ip public)

1 Reply

Jon Marshall
Hall of Fame

Paul

It should work as is, because the CSI device will see a directly connected route to the CSE device and so should route over the dedicated link. And vice versa for the return traffic. Have you set it up and it is not working?

As for whether it is a good thing to do, in all honesty no, it is a terrible thing to do, because if the outside switch is compromised there is now a direct path into your LAN which bypasses the firewall.

Why can you not just send the admin traffic through the firewall as well? This is a standard thing to do.

Jon
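To see why the connected route wins, here is an added example (not from either poster): a small Python simulation of CSI's longest-prefix-match lookup over the addresses in the posted configuration, plus an audit that lists every route leaving the switch without crossing the ASA link. The default route via the ASA is an assumption; the post does not show it.

```python
from ipaddress import ip_address, ip_interface, ip_network

# Connected networks taken from the CSI configuration in the post.
CSI_INTERFACES = {
    "GigabitEthernet1/0/1": "10.22.250.18/30",  # To ASA (firewall link)
    "GigabitEthernet1/0/2": "10.22.250.22/30",  # To CSE (direct link)
    "Vlan10": "10.22.23.254/22",                # Employees
    "Vlan20": "10.22.239.254/22",               # Admin
}
FIREWALL_IFACE = "GigabitEthernet1/0/1"
INSIDE_IFACES = {"Vlan10", "Vlan20"}  # the LAN the firewall is meant to protect

# Assumption: CSI learns a default route pointing at the ASA link; the post
# does not show it, so it is constructed here for the simulation.
ASSUMED_DEFAULT = (ip_network("0.0.0.0/0"), FIREWALL_IFACE)


def connected_routes(interfaces):
    """Derive (network, exit interface) entries from interface addresses."""
    return [(ip_interface(a).network, n) for n, a in interfaces.items()]


def lookup(routes, dest):
    """Longest-prefix match: the most specific route containing dest wins."""
    dst = ip_address(dest)
    candidates = [(net, out) for net, out in routes if dst in net]
    if not candidates:
        return None  # no route: the packet would be dropped
    return max(candidates, key=lambda r: r[0].prefixlen)[1]


def firewall_bypass_routes(routes, firewall_iface, inside_ifaces):
    """Audit: routes that exit neither via the firewall nor into the inside LAN."""
    side = [(str(net), out) for net, out in routes
            if out != firewall_iface and out not in inside_ifaces]
    return sorted(side)


if __name__ == "__main__":
    table = connected_routes(CSI_INTERFACES) + [ASSUMED_DEFAULT]
    # CSE's far-end address falls inside the connected /30, which is more
    # specific than the default route, so the packet never touches the ASA.
    print("10.22.250.21 ->", lookup(table, "10.22.250.21"))
    print("8.8.8.8      ->", lookup(table, "8.8.8.8"))
    print("bypass:", firewall_bypass_routes(table, FIREWALL_IFACE, INSIDE_IFACES))
```

The audit reports the CSI-to-CSE /30 as the one path that reaches the outside router without passing the ASA, which is the exposure Jon describes.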
