08-23-2019 12:24 PM
Hello, this might not be possible but wanted to ask. We have a bunch of hotels that all have a "interface server" that resides on the same subnet as the computers for the back office. We are wanting to move this interface server to a data center instead of housing it in the hotels.
My question is can we do this without changing the local IP address? Changing it's not really possible without breaking a lot of stuff.
At the hotel we have a Meraki MX64 router and then in the data center we have a cisco ASA. Would there be a way to make a site to site vpn connection between the two and somehow get this to work? I know we could subnet the/24 but I'd rather not do that if possible.
Thanks
Solved! Go to Solution.
08-27-2019 11:34 AM
Sorry for the miscommunication, the router is an ASA 5515 that we will use in the Data Center. That currently has a site to site vpn setup to the hotels Meraki MX64 unit.
ASA LAN side is 10.16.1.251/24 with 10.16.1.252 as the secondary IP
MX at the hotel LAN side is 10.211.41.254/24
The interface box at this hotel is 10.211.41.7. I understand on this one we will need a /28 so that the .7 isn't the broadcast IP.
However with that said is there anyway to do it without adding or changing the current VPN? If we need to make the subnet on the ASA side something like 10.211.41.0/28 we would need to create a second VPN connection since our RDS environment runs on the ASA LAN side. Or we could just get another firewall if a second VPN connection to each hotel would be required. We have 21 hotels all together.
Thanks!
08-28-2019 06:35 AM
Thanks for the clarification. So at the data center an ASA connects the WAN and the LAN and there is not any router in the data center network. I do not think that my suggestion will work in that environment. Since there are 21 hotels my suggestion of creating a small subnet for each interface server would create 21 small subnets that need to be created and need to route to the data center Lan (and to the Internet). I do not believe that the ASA would support that many subnet connections.
HTH
Rick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide