06-05-2009 08:07 PM - edited 03-06-2019 06:07 AM
Hi,
I have two site having 4507 both sides and connected to with a Metro Ethernet point to point, I am running eigrp to get access to local subnets of each location from other.
There are ASAs connected to each 4507 for outside access with default routes to them.
Now i can access DMZ subnet locally but not from other site i tried few thing that could not work.
Please let me know what is the best way to do this in terms of security and routing.
Thanks in advance.
ASA Ver 8.0(4)
06-06-2009 02:05 AM
You have 2 options really.
1) Run EIGRP on the ASA and advertise the DMZ subnet to the 4500 switches.
2) On each 4500 switch add a static route for the DMZ and redistribute into EIGRP.
I haven't used EIGRP on the ASA so i have no experience with option 1) but i have used option 2) many times.
Jon
06-06-2009 07:08 AM
Hi,
Thanks for reply, if i take option 2 then
will any access restricyion i have to take care specailly, it will be great if you can provide saome sample config.
Thanks in advance
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide