Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

MPLS on Lan switch

Having problems getting two sites communicating over a MPLS network.  Both sites have an Internet Leg of the MPLS which is connected to the ASA and a LAN leg which is connected to a switch on an inside interface.  Both sites have the ASA as the default gateway for all computers.  Both have a static route in the ASA pointing to the MPLS circuit to get to the other network. 

Site A---ASA-192.168.1.1

Site A---MPLS-192.168.1.254

Site A-Server 192.168.1.20

 

Site B ASA 192.168.2.1

Site B MPLS 192.168.2.254

Site B Server 192.168.2.20

 

 

Site A

Internet-- 5505---Switch---MPLS------>

                                 L ----Servers

 

SiteB

Internet-- 5510---Switch---MPLS------>

                                 L ----Servers

 

If I put a static route on the servers in site a bypassing the ASA for traffic to site B pings/connectivity is fine.  Without the static route it appears the traffic goes to the ASA and dies.

 

I have added the same-security-traffic permit intra-interface command but it hasn't helped.

ASA version is 9.1(1)

ASDM version is 7.1(1)

2 REPLIES
Community Member

Out of curiosity if you show

Out of curiosity if you show your arp table on a client are all of the address pointing to the same MAC address? Your ASAs may be doing arp proxy.

 

no sysopt noproxyarp interface ie inside

 

http://www.packetu.com/2011/11/07/the-asas-arp-behavior/

Hi ,Run packet-tracer command

Hi ,

Run packet-tracer command between source (192.168.1.20) to destination (192.168.2.20)  , paste the output , to investigate further .

HTH
sandy

111
Views
0
Helpful
2
Replies
CreatePlease to create content