Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
404
Views
3
Helpful
2
Replies

Need advice on network migration

alexals
Level 1
Level 1

‎06-02-2008 06:50 PM - edited ‎03-05-2019 11:22 PM

Hi experts !

Good day to you all! I would like to have your advice regarding our plan to

migrate our customer network as I'm need to know whether our migration plan

is feasible to work on. I would like also to know what other good

alternatives that we could refer to beside our own migration plan. Our

migration plan is concentrated on the top level of both network which is the

most critical part. During the implementation of new network, we want to

retain the existing network set up (internet gateway and firewall) and at

the same time, set up both C7204VXR (we called it 'border-router') and two

new firewall accordingly. Based on the diagram, both firewall (which are

configured as a cluster) are using the existing firewall (Firewall-A) as

their temporary 'default gateway' since both 'border-router' on the new set

up has not yet connected to new leased-line services.

'Border-router', firewall cluster and existing firewall (Firewall-A) are

connected to a plain (unmanaged) switch in 111.168.100.0/27 network. The

existing firewall (Firewall-A) is in routed/NAT mode. One interface is

connected to their internal network and another connected to the new

network. Routing is shall be done on the existing firewall itself. Both

'border-router' would use GLBP for redundancy and similar to firewall

cluster which has its own virtual-IP. Once both 'border-router' are

connected to new leased-line services, the firewall cluster will pointing to

GLBP of 'border-router' as its 'default-gateway'. In terms of routing, I

going to use static routing configured in firewalls and 'border-router' as

initial start and might change to a dynamic routing (if possible) once the

migration is fully complete.

So, my questions are;

i. Based on your understanding, is this plan workable?

ii. Alternative ways to plan for better migration?

iii. In term of IP addressing, is this okay? (Note: IP address are not real

but the address arrangement is same)

I'm new to this migration and I seek for advice on this.

Thanks very much and regards,

Daniel Alex

p/s: If you need more explanation, I'm feel really glad to give.

Labels:
0 Helpful
2 Replies 2

alexals
Level 1
Level 1

‎06-02-2008 07:20 PM

Here is the diagram for your attention. Forgot to attach it together.

Preview file
181 KB
0 Helpful

robertblasey
Level 1
Level 1
In response to alexals

‎06-04-2008 11:15 PM

Hi Alex,

In terms of GLBP I would make sure that I'ld use the "host dependent" load-balancing algorithm, so your hosts accessing the internet use always the same source IP when communicating with a server.

http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6554/ps6600/product_data_sheet0900aecd803a546c.html

Your plan looks fine do far. You could have planned the new inside network as a temporary DMZ on the old firewall, so the transition runs smoothly ..

Robert

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card