Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1902
Views
0
Helpful
9
Replies

Routing Issue

james.king14
Level 1
Level 1

‎05-02-2022 11:01 AM

On a ASR1004 I have a 10G circuit ,it is separated into 2 VLANs.  One is on TenG0/1/0.350 and the other is TenG0/1/0.450, the first hold all internet traffic while the other holds our VPN connection.  It is that circuit TENG0/1/0.450 that I have questions with.  It has an IP of 10.10.10.2/32, I have a Gigabit connection on ASR 1004 of 172.32.16.5/24, would like to allow this VPN traffic through our network without interfering with the internet.  Should I use a route-map statement to send to firewall(FW)? Or should I use policy based routing (PBR) statement that would cause a longer configuration statement.  I am trying to allow traffic through our network for downstream users.  Should I just move the connection to the FW 

 

 

Labels:
0 Helpful
9 Replies 9

james.king14
Level 1
Level 1

‎05-02-2022 11:20 AM

Added notes

Community Issue.pdf
Preview file
95 KB
0 Helpful

Flavio Miranda
VIP
VIP

‎05-02-2022 11:57 AM

If I read it right, you have on link. That´s correct? 

What is it your consern about passing VPN traffic and internet traffic ?  And why do you have the router´s cascate? 

0 Helpful

james.king14
Level 1
Level 1
In response to Flavio Miranda

‎05-02-2022 12:36 PM

Should I just utilized the VLAN 450 like a site to site connection?  Or use BGP routing on the FW?

0 Helpful

james.king14
Level 1
Level 1
In response to james.king14

‎05-02-2022 02:45 PM

Hi,



I have another concern should there be a IP ROUTE statement within the
router to the outside interface or the inside?

ip route 172.16.32.0 255.255.255.0 10.10.10.26 (inside)

ip route 172.16.32.0 255.255.255.0 10.10.10.28 (outside)
0 Helpful

james.king14
Level 1
Level 1
In response to Flavio Miranda

‎05-20-2022 12:58 PM

Flavio,

 

Yes my concern is about passing both VPN and internet traffic at the same time.  Will they interfere with each other? How can I configure this so when one goes down the other link will take over, but give the same rights.

0 Helpful

james.king14
Level 1
Level 1
In response to james.king14

‎06-01-2022 08:47 AM

Flavio,

 

Once I made the connection, traffic stopped?  I rebooted the FW, once  I went ahead with the S2S and it worked but have a lot of lag.  I added the IP route statements on the router.  

0 Helpful

Flavio Miranda
VIP
VIP
In response to james.king14

‎06-02-2022 04:15 AM

 Hi,

 Sorry, can we start over?

Let me know what you did so far and where you want to get please. Let me see if I can help you properly.

0 Helpful

james.king14
Level 1
Level 1
In response to Flavio Miranda

‎06-15-2022 06:22 AM

Sure, I just got this message so sorry for not answering earlier.

I have enclosed a Visio diagram with questions.

I have completed the site to site on ASA but the connections flops and causes issues in routing.  I am trying to connect a Enterprise VPN session to our current network.

ERAV low level.pdf
Preview file
137 KB
0 Helpful

Richardkm
Level 1
Level 1

‎06-01-2022 11:24 PM - edited ‎06-02-2022 09:00 PM

Having Same issue. Is there any way to force packets to go back out the same interface they are received on? Basically, my 3750x has a default route going out one interface. I also have a "special" appliance plugged into int 34. I need packets that arrive on that interface to go back out the same interface and not use the default route. Is there a way to do this? Thank you.                   DQFanSurvey Feedback

0 Helpful
Top