Guys we have to provide a solution with limited resource (hardware) we have a ASA firewall , 3750 switch and a packetshaper.
ASA -----> packet shaper------> 3750
The issue is that customer has asked us to have port-channel from ASA to 3750......packet shaper has only one inside port.......
3750 has to do EBGP with service provider and for that service provider has allocated /30 already (cant get change)
I was thinking to have a vlan 10 on 3750 (assign ip eg 10.1.1.1/29) assign 10.1.1.2/29 to firewall port-channel and ....packet shaper inside cable should plug into vlan 10 (its layer 2 packetshaper).....
the main issue is packet shaper outside cable and how to do BGP......keepimng in mind we have /30 from service provider..........it will be static routing between firewall and switch....i can get my head around the flow to and from BGP to ASA treversing packetshaper
can someone plz help
Secondly i am not sure i can give a 10.1.1.2/29 to layer 3 port channel on ASA as it will be layer 2 port-channel on swicth how does that work or am i fine ??
>> The issue is that customer has asked us to have port-channel from ASA to 3750......packet shaper has only one inside port...
Or you get a second L2 packetshaper or you go with a single link ASA - PS - C3750, shaping on only one member link of a two links etherchannel makes little sense.
The packet shaper is layer2 so it does not cause any problems to addressing. The public /30 has to be used on the WAN link, this leads to use a private IP subnet between ASA and C3750.
It would be better to use a dynamic routing protocol between ASA and C3750 as they are not directly connected and you cannot trust packet shaper to be able to torn down one port if the other side is down.
Alternatively you can use reliable static routing with object tracking but you should check availabiity of the feature on both devices.
>> Secondly i am not sure i can give a 10.1.1.2/29 to layer 3 port channel on ASA as it will be layer 2 port-channel on swicth how does that work or am i fine ??
This can be done you will terminate L3 on SVI vlan 10 on C3750 switch side.
The cat's out of the bag! In October 2020, Cisco announced the Next Generation of Enterprising Routing Platforms: the Catalyst 8000 Edge Platforms Family including the Catalyst 8200, Catalyst 8300, Catalyst 8500, and Catalyst 8000V. The new family of Cats...
Community Live- Smart Licensing Using Policy (Routing) – A Simplified Licensing Approach
(Live event - Tuesday, 18 May, 2021 at 9:00 am Pacific/ 1:00 pm Eastern / 7:00 pm Paris)
This event will have place on Tuesday 18th, May 2021 at 9:00 hrs PDT&nb...
Welcome to the overview guide that covers the latest in Cisco Networking and Data Center innovations and new product introductions. You'll find information on Intent Based Networking updates, special promotions and free trials, as well as exclusive upcom...
Listen: https://smarturl.it/CCRS8E13 99% of organizations use certifications to make hiring decisions. The reason is simple: Cisco certifications bring valuable, measurable rewards to certified IT professionals and the organizations that employ them....
Cisco AI Endpoint Analytics – Deployment guide
This deployment guide is meant for Cisco AI Endpoint Analytics adoption for customers, partners and everyone focusing on Endpoint Visibility and to how achieve it with Endpoint Analytics. It has sections that...