Hello
We are setting up Cisco ASAs for VPN connectivity (in an active/standby configuration) and I have a question around the best way to connect them to our existing network. We don't have any spare ports on our ISP devices so we'll be physically connecting both the internal and external ASA ports to our core Nexus switches. The traffic will need to traverse our edge firewall to get external connectivity. I'm planning on creating a new vlan for the LAN side, but I'm a little confused about which vlan to put the external port in. We'll be giving the ASAs a public IP and would like external clients to be able to hit it directly via that IP. On the edge firewall we have a transit vlan that we could put it in, but I'm unclear whether that will work as expected. Any feedback?
Thanks
AK
No comments:
Post a Comment