Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
329
Views
0
Helpful
2
Replies

Help with choosing the best approach and configuring the network...

dovla091
Level 1
Level 1

‎07-20-2016 12:54 PM - edited ‎03-08-2019 06:42 AM

Hi,

I have one ongoing project. Since I had my CCNA course back in 2005 (since most of my IT carrier was programming and system engineering), I am having a dilemma of choosing a best approach. Current setup that I have is one ASA firewall / router, and two networks. First network is covered by HP switches and it represents administration network (VLAN 1 - 192.168.1.0). Second network is bit different. I is also using HP switches, but it has Meraki APs in it. Those Meraki has been setup to have two ssid / vlans. VLAN 10 represents guest wifi, and VLAN 1 needs to communicate with VLAN 1 on first network.

 

I have created two simple schemes but I don't know which of them are the best approach.

First one would include connecting two switches and all the traffic goes via admin network switch:

which brings the question, even if it is 1Gbit link, it should stress this device more than if there are two links that have direct connection to ASA...

please refer to the prinscreen below.

There is a second approach, that both network switches goes directly into ASA, but then I am not sure how the communication between VLAN1 from admin network will be able to communication with VLAN1 from guest wifi network...? Will ASA be able to forward packets by default (even though I doubt since it is not a switch...)

What would be the best approach?

If I choose first method than I need to create trunk between two switches and trunk to ASA. Speaking of that it will also split network traffic, since all the network traffic will be going from one link.

 

Second approach, you have two separated "connections" which would only stress ASA, but I don't know how ASA would behave? Would it see and let all the traffic from VLAN1 on admin network to VLAN1 on guest wifi network or...?

 

Thank you in advance

Labels:
0 Helpful
2 Replies 2

Dan Lukes
VIP Alumni
VIP Alumni

‎07-20-2016 01:07 PM

You are off topic in Feedback forum as it is dedicated to other topics. Moved to more appropriate community.

By the way, it seems you failed to embed screenshot mentioned in the text. You may use blue EDIT button on upper right to repair the comment. To embed picture into text use "add media" button, not the "insert image".

0 Helpful

dovla091
Level 1
Level 1
In response to Dan Lukes

‎07-22-2016 05:57 AM

Now that is bizarre. I always check before posting a message, usually with a "preview message" before post... anyway, sorry for selecting wrong group. I have fixed my post

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card