Firewall interconnects


Need expert opinion on which one of the below is considered best practice and why...


     Option-1

               RTR-1----ASA----SW-1
                    \  /    \  /
                 |       |       |
                    /  \    /  \
               RTR-2----ASA----SW-2

     Option-2

               RTR-1----ASA----SW-1
                 |       |       |
               RTR-2----ASA----SW-2

Jon Marshall Mon, 12/21/2009 - 08:40


Neither, actually. You need L2 adjacency between the ASA interfaces, and although you have that on the switch side, you don't on the router side. It should be:


RTR1 -- SW1 -- ASA1 -- SW2
  |      |       |      |
RTR2 -- SW3 -- ASA2 -- SW4


Jon
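
The L2-adjacency point in the reply above, as an added example that is not part of the original thread: a Python check that models the three layouts as link lists and tests whether each pair of matching ASA interfaces shares a broadcast domain. It assumes router ports are routed (no bridging), leaves out the direct ASA-to-ASA link, and uses the hypothetical interface labels `router_side` and `switch_side`.

```python
from collections import deque

def l2_adjacent(links, src, dst, switches):
    """True if src reaches dst crossing only switches (one broadcast domain)."""
    neighbours = {}
    for a, b in links:
        neighbours.setdefault(a, set()).add(b)
        neighbours.setdefault(b, set()).add(a)
    seen, queue = {src}, deque([src])
    while queue:
        node = queue.popleft()
        for nxt in neighbours.get(node, ()):
            if nxt == dst:
                return True
            # Assumption: only switches forward frames; routers terminate L2.
            if nxt in switches and nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return False

def check(design):
    """For each side, are the two ASAs' interfaces L2-adjacent?"""
    return {side: l2_adjacent(design["links"], f"ASA1:{side}",
                              f"ASA2:{side}", design["switches"])
            for side in ("router_side", "switch_side")}

# Constructed models of the diagrams in the thread.
OPTION_2 = {"switches": {"SW-1", "SW-2"}, "links": [
    ("RTR-1", "ASA1:router_side"), ("ASA1:switch_side", "SW-1"),
    ("RTR-2", "ASA2:router_side"), ("ASA2:switch_side", "SW-2"),
    ("RTR-1", "RTR-2"), ("SW-1", "SW-2")]}

# Option-1 adds the diagonal cross-links on both sides.
OPTION_1 = {"switches": OPTION_2["switches"], "links": OPTION_2["links"] + [
    ("RTR-1", "ASA2:router_side"), ("RTR-2", "ASA1:router_side"),
    ("ASA1:switch_side", "SW-2"), ("ASA2:switch_side", "SW-1")]}

# The layout from the reply: a switch on each side of each ASA.
REPLY = {"switches": {"SW1", "SW2", "SW3", "SW4"}, "links": [
    ("RTR1", "SW1"), ("SW1", "ASA1:router_side"), ("ASA1:switch_side", "SW2"),
    ("RTR2", "SW3"), ("SW3", "ASA2:router_side"), ("ASA2:switch_side", "SW4"),
    ("RTR1", "RTR2"), ("SW1", "SW3"), ("SW2", "SW4")]}

if __name__ == "__main__":
    for name, design in (("Option-1", OPTION_1), ("Option-2", OPTION_2),
                         ("Reply", REPLY)):
        print(name, check(design))
```
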
