Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
623
Views
2
Helpful
7
Replies

515e WAN Routing Question

johnnymac
Level 1
Level 1

‎07-19-2007 01:37 AM - edited ‎03-11-2019 03:46 AM

Hi,

I have two 515e's at different locations which are currently connected using a L2L vpn.

We have just had a managed BT MPLS link installed.

We gave BT our internal network ranges and they confirmed their side of the work has been completed.

what I want to do now is use the pix at either end to route and connect the internal networks.

So far I have managed to establish connectivity between the 515e's on their 192.168.1.0/24 and 192.168.3.0/24 networks but am not sure where to go now?

I have posted the configs for both PIX's and would be really grateful if anoyone could help.

Kind regards

J Mack

Labels:
Preview file
6 KB
Preview file
6 KB
0 Helpful
7 Replies 7

johnnymac
Level 1
Level 1

‎07-22-2007 11:53 AM

Hi,

Can anyone help with this at all?

Thanks

J Mack

0 Helpful

JBDanford2002
Level 1
Level 1
In response to johnnymac

‎07-22-2007 12:02 PM

Where is the MPLS network located to the PIX Firewalls? On the DMZ or the inside interface.

0 Helpful

johnnymac
Level 1
Level 1
In response to JBDanford2002

‎07-23-2007 12:36 AM

Hi they are located on spare ports the PIX has so i guess that would be DMZ. The inside int's are connected to the internal LAN's.

0 Helpful

johnnymac
Level 1
Level 1
In response to johnnymac

‎07-23-2007 05:28 AM

All i really want to do is use the pix as a router and send traffic from two Internal LANS to each other via the MPLS line. while maintaining the outside interface for the internet.

Is it a case of the PIX just isn't built for this type of functionality?

Would i be best off just connecting the mpls to a Vlan on a switch?

Some help would be much appreciated as i'm really stuck.

Regards

J Mack

0 Helpful

JBDanford2002
Level 1
Level 1
In response to johnnymac

‎07-23-2007 04:00 PM

If it is from the inside network (eth1) going to the DMZ (eth2) to get to the MPLS network then you should not have an issue. Are both sites set up this way? The problem occurs when (6.X and below) the networks are located off of the same interface. Sounds like you should be good to go in your scenario. All you will need is a translation and some rules. Are the networks you want to run via MPLS currently sent through the VPN?

johnnymac
Level 1
Level 1
In response to JBDanford2002

‎07-24-2007 02:44 AM

Hi,

It is, i want to route my internal networks to (eth3) in this case and over the MPLS to the Pix at the other end. They are exactly the same networks that are going through the VPN, which was a temporary solution.

Can you give me some pointers on the translation and rules?

Also there is another remote site as per the attcahed diagram. At the moment i'm tying to connect A - B, and also hope to connect A - C over the MPLS.

Now the BT router has been installed at C but is not yet connected to the internal PIX. Will that be an issue connecting A - B, ie do all three sites have to be connected for the MPLS links to converge?

Thanks For your help

J Mack

Preview file
7 KB
0 Helpful

johnnymac
Level 1
Level 1
In response to johnnymac

‎07-25-2007 12:27 AM

Could anyone suggest which NAT config and which rules i should use to achieve this?

Kind regards

J Mack

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card