Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
340
Views
0
Helpful
1
Replies

Nework redesign - Need HELP!!

Go to solution
howithink
Level 1
Level 1

‎07-25-2013 12:40 PM - edited ‎03-07-2019 02:35 PM

Hello everyone!

Currently we have 2 ISPs. Each ISP connected to 5510 ASA. Each 5510 has 20 ipsec tunnels terminated on. Both ASAs plugged into internal Layer 3 HP switch wich acts as our internal router.

We have 3 VLANS. 2 of the vlans are defined within the layer 3 hp switch (ex: 10.10.10.0 "server network, 10.10.20.0 "desktop network") and the last vlan (10.200.120.0) is defined on one of the ASA itself.

HP switches are also vlan'ed in half. upper ports all plug into the "server network" and lower ports plug into the ASA vlan. All other switches plug into the "desktop network".

I am redesigning our corporate network. I just purchased 34 cisco 2960s switches along with two 3850 layer 3 (stacked) to act as internal router to replace all of our HP switches.

So the 3850 will be attached to two 5510 (public facing) ASAs. Remove the vlan off of the ASA and define everything within the 3850. Basically keep things similar with the exception of replacing all layer 2 and layer 3 devices with cisco gear.

Please see my crude handmade diagrams below. The current is what we have and the desired is what i want. Shouldn’t be too difficult right?

I think i would need inter-vlan routing enabled and configured on 3850. How do i pass noc vlan traffic to one isp and server/desktop traffic to the other isp?

thanks.

Labels:
Preview file
475 KB
Preview file
1717 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mvsheik123
Level 7
Level 7

‎07-25-2013 12:50 PM

Hi,

Yes, you need to enable inter vlan routing (ip routing). As far as passing internet traffic, you can go with Policy based routing(PBR) on core switches. Google for it, you will find lot of examples on this.

hth

MS

View solution in original post

0 Helpful
1 Reply 1

Go to solution
mvsheik123
Level 7
Level 7

‎07-25-2013 12:50 PM

Hi,

Yes, you need to enable inter vlan routing (ip routing). As far as passing internet traffic, you can go with Policy based routing(PBR) on core switches. Google for it, you will find lot of examples on this.

hth

MS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card