05-02-2022 11:01 AM
On a ASR1004 I have a 10G circuit ,it is separated into 2 VLANs. One is on TenG0/1/0.350 and the other is TenG0/1/0.450, the first hold all internet traffic while the other holds our VPN connection. It is that circuit TENG0/1/0.450 that I have questions with. It has an IP of 10.10.10.2/32, I have a Gigabit connection on ASR 1004 of 172.32.16.5/24, would like to allow this VPN traffic through our network without interfering with the internet. Should I use a route-map statement to send to firewall(FW)? Or should I use policy based routing (PBR) statement that would cause a longer configuration statement. I am trying to allow traffic through our network for downstream users. Should I just move the connection to the FW
05-02-2022 11:20 AM
05-02-2022 11:57 AM
If I read it right, you have on link. That´s correct?
What is it your consern about passing VPN traffic and internet traffic ? And why do you have the router´s cascate?
05-02-2022 12:36 PM
Should I just utilized the VLAN 450 like a site to site connection? Or use BGP routing on the FW?
05-02-2022 02:45 PM
05-20-2022 12:58 PM
Flavio,
Yes my concern is about passing both VPN and internet traffic at the same time. Will they interfere with each other? How can I configure this so when one goes down the other link will take over, but give the same rights.
06-01-2022 08:47 AM
Flavio,
Once I made the connection, traffic stopped? I rebooted the FW, once I went ahead with the S2S and it worked but have a lot of lag. I added the IP route statements on the router.
06-02-2022 04:15 AM
Hi,
Sorry, can we start over?
Let me know what you did so far and where you want to get please. Let me see if I can help you properly.
06-15-2022 06:22 AM
Sure, I just got this message so sorry for not answering earlier.
I have enclosed a Visio diagram with questions.
I have completed the site to site on ASA but the connections flops and causes issues in routing. I am trying to connect a Enterprise VPN session to our current network.
06-01-2022 11:24 PM - edited 06-02-2022 09:00 PM
Having Same issue. Is there any way to force packets to go back out the same interface they are received on? Basically, my 3750x has a default route going out one interface. I also have a "special" appliance plugged into int 34. I need packets that arrive on that interface to go back out the same interface and not use the default route. Is there a way to do this? Thank you. DQFanSurvey Feedback
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: