Re: Redundant Solution Wanted (Any Solution would be nice too)

Pete89 · ‎10-22-2010

Since a picure is worth a thousand words.... here is mine:

http://www.flickr.com/photos/31154535@N07/5104810248/

My ISP is handing off two ethernet circuits; one for Internet and one for MPLS to the home office. The 2811 comes with two L3 ethernet ports, that as you can see, are being used up. The router also has a HWIC-4ESW module that gives it 4 more L2 ethernet ports. Those port are represented by the four black lines coming out of the bottom of the router in my drawing. The VLANs on the outside of the firewall are 1 and 10. I will need to route all most all inbound traffic to the outside interface on VLAN 10. Failover between the ASAs is configured and functioning.

Questions:

How can I get everything routed with only the L2 ports?

Does anyone see a way I can keep traffic flowing even if I lose one of the switches?

Would it be easier to do this with an additional layer 3 module for the router?

Is this a bad design?

Thank you for any input!

P.

Pete89 · ‎10-23-2010

Hello,

I have up dated my drawing:

http://www.flickr.com/photos/31154535@N07/5107596256/

Routing is working. What I did was create an SVI on the router and assigned the two L2 ports fa0/1/0 and fa0/1/1) to that VLAN.So, as long as sw1 stays up, we are in business. The trouble starts when I power down sw1.

When switch 1 goes off-line, sw2 does not see the router for some reason.

The primary FW senses the downed port and failsover to the secondary, but traffic from the LAN side cant get out.

router.

I need a redundant solution but maybe I cant do what I want to do with those L2 ports on the router.

Thanks for any help, you can offer.

P.

jimmyhardman · ‎10-23-2010

Intresting, could you possibly dump the 3 config files of the devices?

Julio Garcia · ‎10-24-2010

Hi Pener,

what is the default gateway of ASAs?