And the ISP will route our public range (18.104.22.168/24) to our layer 3 switch. From there, I can route this public range onto the outside of our ASA, which NATs the public IPs onto the private IPs of the servers in my LAN.
I think this will be fine for the servers behind the firewall, but I can't work out how to add a site-to-site VPN on the firewall. Obviously I can't route to 10.0.0.2 over the public internet, but I can't see how to get the firewall to see an incoming packet for one of the public IPs, and treat that as if it was sent to the Firewall. Do I need a static NAT statement from the public IP (22.214.171.124) to the private IP of the firewall (10.0.0.2)?
Has anyone else ever come across this problem? Any ideas?
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...