Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
176
Views
0
Helpful
1
Replies

Cisco ASA 5515X & Cisco Nexus 3K Switch

Nathan Brock
Beginner
Beginner

‎05-29-2018 11:36 AM - edited ‎03-08-2019 03:10 PM

All,

 

I am working on configuring a topography with 1 Cisco ASA 5516X Firewall configured with a Nexus 3K Switch (Core Switch). 

I am looking for a recommend best practices topographical design. 

 

Things I need to consider:

 

1) We have another integrated services router that handles are Cisco Unity Services for VOIP. This is a different gateway and network then our data network.

2) We will have multiple vlans / Point to Point connections to multiple branch offices. Some of these connections are layer 2 with AT&T and others are Site-To-Site IPSec. 

3) Should the ASA be configured in routed and transparent mode.

4) Are there any pairing commands for the ASA and Nexus to share a routing table or arp table?

5) We also have a 5508 WLC with 25 APs. 

 

I am hoping to enable the Nexus to the majority of all routing and inter-vlan routing with access policies. 

 

What would everyone recommend.

 

Thanks,

Nate

 

 

 

Labels:
0 Helpful
1 Reply 1

Georg Pauwen
VIP Master VIP Master
VIP Master

‎05-29-2018 12:50 PM

Hello Nate,

 

a few thoughts: the ASA in transparent mode does not terminate VPN tunnels, so for your site to site IPSec connections alone, you would need routed mode.

For your inter-Vlan routing, the Nexus 3K is probably the much better choice in terms of throughput.

I would use the ASA just for Internet-bound traffic, and the N3K for 'local' traffic.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents