Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
400
Views
0
Helpful
1
Replies

Routing Question

Go to solution
Mokhalil82
Level 4
Level 4

‎01-31-2015 02:31 PM - edited ‎03-07-2019 10:27 PM

Hi

As Per the attached diagram we have site1 and site 2 and the AS number is spanning all 4 internet connections

The LAN is spanned over both sites using OTV.

My question is if we have a server in one of the sites talking out through a pair ASA’s for that particular site on a PAT how does the response know to come back to that site and not the other firewalls in the other location given our public IP range spans multiple physical locations even though it is treated as one logical site?

 

Thanks

Labels:
Preview file
34 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎01-31-2015 02:57 PM

Difficult to say without seeing configurations.

You have two ISPs, are you advertising the same public IP block to both ISPs ?

Your diagram doesn't show any routers between your firewalls and the ISPs routers, are there any.

Usually with this sort of setup you would run BGP and with that you can influence the path both outbound and inbound traffic takes.

So you could ensure if an IP or range of IPs used in site traffic is routed back to those IPs.

But that is just a general answer.

Without understanding more of your setup it's impossible to say.

Jon

View solution in original post

0 Helpful
1 Reply 1

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎01-31-2015 02:57 PM

Difficult to say without seeing configurations.

You have two ISPs, are you advertising the same public IP block to both ISPs ?

Your diagram doesn't show any routers between your firewalls and the ISPs routers, are there any.

Usually with this sort of setup you would run BGP and with that you can influence the path both outbound and inbound traffic takes.

So you could ensure if an IP or range of IPs used in site traffic is routed back to those IPs.

But that is just a general answer.

Without understanding more of your setup it's impossible to say.

Jon

0 Helpful
Customers Also Viewed These Support Documents