Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
569
Views
0
Helpful
7
Replies

Routing issue - VPN 3002 , PIX 515E , 2621 , 3750 Switch

Go to solution
g.brown
Level 1
Level 1

‎10-24-2006 09:21 AM - edited ‎03-05-2019 12:24 PM

Okay I have a PIX 515E as my default gateway on the LAN side (172.22.0.1) . I have a Cisco VPN 3002 with the LAN side being 172.22.0.3 and the PIX its default gateway .

I have a Cisco 2621 router on a Sprint Clearline (Point to Point T-1) that has a LAN address of 172.22.0.4.

The 3750 Switch is 172.22.0.5 and is the backbone switch.

I have a LAN to LAN IPSEC VPN that the 3002 runs where it routes 192.168.10.0 to the DG of the WAN side of the VPN 3002 WAN interface .

Currently I have static routes on the 3750 as follows:

192.168.2.0 -> 172.22.0.4

192.168.10.0 -> 172.22.0.3

13.0.0.0 - > 172.22.0.17

I have to add route statements to any computer on my LAN side that needs to connect to any of those networks. I know that my verision of the PIX will not redirect routes on the LAN side. I plan on upgrading here shortly to ver 7 of the software.

Can the 3750 do the routing or what is the best solution??

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jlkeys
Level 1
Level 1
In response to g.brown

‎10-24-2006 10:34 AM

You could also look at the 4500 series for your core instead of a 3750. They are pretty affordable and might be well suited for your network.

View solution in original post

0 Helpful
7 Replies 7

Go to solution
jlkeys
Level 1
Level 1

‎10-24-2006 09:29 AM

What is the default gateway for your PC's on the network? It sounds like you may just have the routes in the wrong place.

If your default gateway is your PIX, you might just consider terminating your VPN tunnel there instead and save your 3002 HW client for a rainy day.

0 Helpful

Go to solution
g.brown
Level 1
Level 1
In response to jlkeys

‎10-24-2006 09:46 AM

I have the PIX as the DG. I use the VPN 3002 for VPN as it is on a seperate Public IP than the PIX and the 2811 router passes traffic to each of them on seperate T-1s.

I also have these static routes defined on the PIX. I can ping each of these gateways from the PIX but not from my workstation unless I define a static route at the CMD line.

0 Helpful

Go to solution
jlkeys
Level 1
Level 1
In response to g.brown

‎10-24-2006 10:06 AM

You could also just change the default gateway for the LAN to be the 3750 and do your routing there (and make your default gateway for the 3750 be the PIX).

0 Helpful

Go to solution
g.brown
Level 1
Level 1
In response to jlkeys

‎10-24-2006 10:14 AM

If I did that then what impact would that have on the 3750??

Right now that 3750 has 5 switchs plugged into along with 17 servers and 2 SFP ports.

Is it going to handle the routing aspect fine??

0 Helpful

Go to solution
jlkeys
Level 1
Level 1
In response to g.brown

‎10-24-2006 10:30 AM

It shouldn't have much effect on it. The 3750 will route/switch at wirespeed. It shouldn't add much load at all beause you really don't have alot of traffic to route.

0 Helpful

Go to solution
jlkeys
Level 1
Level 1
In response to g.brown

‎10-24-2006 10:34 AM

You could also look at the 4500 series for your core instead of a 3750. They are pretty affordable and might be well suited for your network.

0 Helpful

Go to solution
g.brown
Level 1
Level 1
In response to jlkeys

‎10-24-2006 11:41 AM

Okay. Tks. I have about $8000 budgeted for a new core switch in my 2007 so I will take a look at the 4500 series.

Tks for all the help.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card