Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

How to configure switch to route ISP ethernet handoff? (L3 or VLAN routing)

I have an ISP providing a redundant internet circuit through Ethernet handoff, and I need to route their border network to my firewall which will hold the public IP address block.  The handoffs will go into 2 3750 switches stacked, which in turn will be uplinked to an ASA active/standby pair.  How do I configure the switches to handle the traffic?  The equipment isn't in place yet so I can't test the configuration; just trying to validate the plan.  I'm not sure of the pros/cons of using L3 switchport vs VLAN routing.


Example, ISP provides 2 drops, and, and a virtual gateway to route traffic out to the internet, (FYI - in reality these are public IP's, just using privates for example).  Assume the public block is  I need to configure the 3750 switches with interfaces of and  The ASA firewall outside interface will be

The ISP routes everything destined for to  I need to route all outbound internet traffic to


So the 3750 would have a layer 3 port-channel with IP to uplink to the ISP drops.  It will also have another layer 3 port-channel with IP (or should I use a VLAN interface for both or either?).  The ASA outside interface will be  On the ASA my default route out is  The default route on the 3750 stack will be



                                                                           /                                              \

[INTERNET]----[ISP-BORDER-VIP-]                                                 [3750-L3-PORT-]----------[ASA-]

                                                                           \                                              /