Wednesday, January 24, 2018

Azure ExpressRoute MPLS and ASA with DialIn Remote nodes

Hi,

I have an ASA 5516-X with the latest firmware, and we are running MPLS to Azure over the XO network (ExpressRoute). On the 2nd interface of the ASA we have Cogent ISP and several sites that are not part of the MPLS network. They have dial-in (IKEv1) VPN (policy-based) that connects them with this central ASA. Remote devices are Cisco 1900 routers, ASA 5506-X, and CradlePoint 4G routers. Obviously I want those remote sites to be able to access the Azure network over MPLS, which is running BGP among the nodes of the MPLS network, so I need to inject all those dial-in subnets into BGP.

Given the variety of devices used, I am not sure what the best way to get this going is. Maybe set up OSPF on the ASA (single area) and all dial-in nodes and redistribute OSPF into BGP. Can I even do that when I have policy-based VPN, since GRE is not an option here?


