Hairpin Inet + Site to Site VPN + MPLS WAN + EIGRP scenario problem
I am trying to use our ASA pair at our main datacenter as the Internet hub for all our remote sites that hit it over our MPLS WAN as well as a site to site VPN hub hairpinning the Inet traffic. This is all dynamically routed using EIGRP and GRE tunnels.
For traffic destined for the Internet coming over the WAN to the datacenter it will go out the Internet link on the ASA. The ASA has a route on the inside interface for the remote sites /16 address. When that link fails though it still has the static route for the /16 on the inside interface so when our router sees the remote sites through the ASA with the site to site tunnel and not across the WAN the traffic will not route over that ASA.
I have tried to route the traffic on the ASA by having the identity NAT statement select the egress interface and then putting in another static for that same /16 on the outside interface with adminstrative distance of 2, but that is failing for me as well.
It seems that I am limited on the capabilities of the ASA. The only "solution" I can think of would be IP SLA on the ASA, but I'm hoping there's a more elegant way to do this.
Hello All, We are using appliance SNS-3495 with 188.8.131.520 version patch 15. As per the notification pop, Flash player support to end on December 2020 and we are unable to login to CIMC Console for a re-imaging activity. My query1. Can...
Which Cisco Secure products include access to SecureX?
Eventually, all will. At the current time, a license to any of the Cisco products listed here grants immediate rights to use the SecureX platform:https://www.cisco.com/c/en/us/product...
More people are working remotely, and this increases the risk of security breaches and the difficulty in defending remote workers where they work and securing the devices they use.
Learn about Cisco Remote Secure Worker solutions that verify workers, secu...
ISE Node Terminology
Policy Administration Node
Monitoring & Troubleshooting Node
Policy Services Node
Platform Exchange Grid Node
The single plane of glass for ISE administration and configuration operatio...
On December 8, FireEye reported that it had been compromised in a sophisticated supply chain attack: more specifically through the SolarWinds Orion IT monitoring and management software. The attackers leveraged business software updates in order to distr...