Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
511
Views
35
Helpful
7
Replies

WAN-LAN Connection

Go to solution
Docklands
Level 1
Level 1

‎05-06-2015 04:21 AM - edited ‎03-05-2019 01:24 AM

Hi

We need to connect our LAN to a WAN via two links. The LAN is spread over 10km and is bourne upon an SDH network. The links would be via 100Mb leased lines, which would connect between the LAN and WAN at different physical locations. The LAN has to conform with PCI DSS standards so an ASA device would most likely be needed at both connection points. We could also add two switches to the LAN so we could run HSRP.

The WAN owner has suggested a number of external routing protocols that we are not familiar with and the solutions sound complex.

Does anyone have a simple solution we could propose please?

Regards

Mike

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
vivek srivastava
Level 7
Level 7
In response to Docklands

‎05-06-2015 05:53 AM

so typically u need to run IGP e.g. OSPF/EIGRP or static routes (if WAN owner alllows). U can run HSRP internal to your LAN i.e. from users to two new switches which will used to connect to WAN over OSPF etc.

Here i'm assuming that u are going to procure two new switches and 2 new Firewalls (if redunency not required, u can use single switch and single FW with two connections as well). sample network will look like below:

 

-user------LAN Switch1-----FW1-----SDH over IGP (OSPF/EIGRP etc)------WAN Router1

                 |                        |

               HSRP                HA

                 |                        |

-user------LAN Switch2-----FW2-----SDH over IGP (OSPF/EIGRP etc)------WAN Router2

 

View solution in original post

7 Replies 7

Go to solution
vivek srivastava
Level 7
Level 7

‎05-06-2015 05:08 AM

what are suggested external routing protocols ??

0 Helpful

Go to solution
Docklands
Level 1
Level 1
In response to vivek srivastava

‎05-06-2015 05:31 AM

They are proposing OSPF

0 Helpful

Go to solution
vivek srivastava
Level 7
Level 7
In response to Docklands

‎05-06-2015 05:53 AM

so typically u need to run IGP e.g. OSPF/EIGRP or static routes (if WAN owner alllows). U can run HSRP internal to your LAN i.e. from users to two new switches which will used to connect to WAN over OSPF etc.

Here i'm assuming that u are going to procure two new switches and 2 new Firewalls (if redunency not required, u can use single switch and single FW with two connections as well). sample network will look like below:

 

-user------LAN Switch1-----FW1-----SDH over IGP (OSPF/EIGRP etc)------WAN Router1

                 |                        |

               HSRP                HA

                 |                        |

-user------LAN Switch2-----FW2-----SDH over IGP (OSPF/EIGRP etc)------WAN Router2

 

Go to solution
Docklands
Level 1
Level 1
In response to vivek srivastava

‎05-06-2015 05:59 AM

Thanks Vivek,

Would the firewalls be clustered or standalone?

Mike

0 Helpful

Go to solution
vivek srivastava
Level 7
Level 7
In response to Docklands

‎05-06-2015 06:57 AM

use cluster design. I already marked it as HA

Go to solution
Martin Carr
Level 4
Level 4

‎05-06-2015 05:33 AM

HSRP is not the function of a switch (a L2 switch that is), rather it's designed to provide routing redundancy, so you would need multiple Cisco routers.

I assume that both connections, will be active?

Martin

0 Helpful

Go to solution
Docklands
Level 1
Level 1
In response to Martin Carr

‎05-06-2015 05:47 AM

Hi Martin,

 

Yes, both connections would be active.

 

Mike

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card