Logically and functionally, there are two networks: Network 1 and Network 2. Core switches of both networks are co-located at each of the 3 core data centers. Both networks run EIGRP in the same AS 100.
There's a requirement to demarcate these two networks using firewalls, to make Network 2 secure.
The easiest solution is to implement the firewalls in transparent mode, therefore maintaining the EIGRP neighbor adjacencies between the core switches.
If I were to implement routed mode, one main concern I foresee is asymmetric routing across the firewalls. I know FWSM 3.1 has support for asymmetric routing but FWSM is not an option here, mainly because some core switches currently do not have Sup720 or Sup32.
Please advise how the new network could be designed/implemented.