Hello!
I am looking for some advice on the best path forward for some changes I want to introduce to our network. I want to create a VRF for our tertiary (4G) ISP connection on our switch in order to eliminate a single point of failure. I have been able to do this without any issues for our other 2 ISPs since there is a range of public IPs I can use to set this up. The 4G ISP connection is a different story since it only has one public IP address I can use. Currently the topology looks like this:
Firepower --> L2 switch --> Cradlepoint
We are using a transit VLAN for this connectivity and this traffic is not isolated. The one public IP lives on the firewall WAN interface.
What I am trying to accomplish:
Firepower --> L3 VRF --> Cradlepoint
My initial thought was to set this up with a /29 private IP address space for the firewall to VRF connectivity and have the public IP live on the Cradlepoint, but that would mean I would need to move all of the NATing over to the Cradlepoint as well, right?
I know this isn't a lot of information to go on, so please ask any questions you have to help find the right solution for this setup.