We are in the process of converting our remote offices from MPLS to Site-to-Site via ASA Tunnels.
I have no control over the routing of the MPLS, and it takes 30 days to get it turned off.
The site in question is circled in blue.
My current configuration is like this:
My plan for the site is to remove it from the MPLS and move it to a tunnel like this:
I can build the tunnel successfully between both ASA Devices, but I can't reroute traffic because the MPLS Router in my site thinks it knows the way to get to the 50 site. I've told the core switch to route the 50 traffic via the ASA, but it goes through the router first, and I guess the router ignores my route.
! 172.16.100.2 is the ASA address
ip default-gateway 172.16.100.2
ip route 0.0.0.0 0.0.0.0 172.16.100.2
ip route 172.16.100.0 255.255.255.0 192.168.3.254
ip route 192.168.50.0 255.255.255.0 172.16.100.2
My question is this.
Can I add a true internal address to an interface on my ASA, attach it to the core switch, and route the 50 traffic through that?
Eventually the MPLS Network is going to go away anyway, so I'm thinking eventually this will need to happen anyway, or I'll need to add another router to make a new DMZ.