ASA01 - Connects to ISP01, its LAN ip address is: 192.168.1.1 ASA02 - Connects to ISP02, its LAN ip address is: 192.168.1.2
After them, a cisco 3750 switch that connects with these two cisco firewalls.
On all of three above, i've created OSPF networks.
In two firewalls, i've created default routes 0.0.0.0 0.0.0.0.0 with object tracking. These defaults routes, are distributed via OSPF to switch also. So switch itself, learns it default route via one of the two Cisco Firewalls (the one of ASA01 has lower metric).
In cisco switch, i've create different VLANs, for users, servers etc. the VLAN where two asa are connected is vlan 5 with ip address: 192.168.1.3
Actually, on cisco switch, i've create a route map, that traffic that originate from Server IP to always go to ISP02. This server IP is 10.1.1.18
The VLAN of server in cisco switch has IP address 10.1.1.3. The servers have as default gateway the ip address of 10.1.1.3 (the vlan IP)
Now, i've to replace this cisco switch 3750 with another L3 switch (not cisco), that support ospf, BUT DON'T SUPPORT AND DON'T HAVE ROUTE MAP.
With this new switch, i've problem that server with IP 10.1.1.18 always use ASA01 as default route, but i want that this server to be routed to ISP02 via ASA02.
I am wondering if it is possible for you to place the server-facing switchport and the ASA02 -facing switchport in the same vlan then configure ASA02 as gateway in the server with bypassing the switch's SVI .... ?
BenefitsDocumentationPrerequisiteImage Download LinksLimitationsSupported PlatformsLicense RequirementsTopologyStep-By-Step ConfigurationConfigure Virtual ServiceActivate the virtual service and configure guest IPsConfiguring UTD (Service Plane)Configurin...
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...