cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
634
Views
0
Helpful
5
Replies

ISP Router to Switch via VLAN

JohnTylerPearce
Level 7
Level 7

Let's say I have an ISP router, which is a 7200 (random model number), and I want to get a new network put on this router for 100.200.100.0/26.

I'm assuming that the ISP will put a BGP router on the ISP router for 100.200.100.0/26 so that internet hosts can find this address. Now from the

ISP router it will go to an ASA and then to a core switch and throughout a switched network. So on the ASA I put a route statement which reads

as "route inside 100.200.100.0 255.255.255.192 next-hop", I then setup an interface for the vlan, which will be the default gateway for the clients.

Then you would make sure that this vlan is allowed on your trunk(s) to the specified switches.  The clients would then use lets say 100.200.100.1

as their default gateway which will be the interface vlan IP for that specific vlan.

Diagram

------------

Metro-E ------> ISP7200 ------> ASA ------> Core Switch ---Trunk---> SwitchA --->Trunk ---> Clients

Would this scenario be correct?

1 Accepted Solution

Accepted Solutions

Edison Ortiz
Hall of Fame
Hall of Fame

The ISP router will also need a static route pointing to the ASA for network 100.200.100.0/26

Having a BGP network statement won't be enough as the route must be in the routing table in order to be advertised by BGP.

The remaining config seems correct (assuming the Core Switch has a default route pointing to the ASA).

I'm also assuming you are not planning to NAT this subnet?

View solution in original post

5 Replies 5

Edison Ortiz
Hall of Fame
Hall of Fame

The ISP router will also need a static route pointing to the ASA for network 100.200.100.0/26

Having a BGP network statement won't be enough as the route must be in the routing table in order to be advertised by BGP.

The remaining config seems correct (assuming the Core Switch has a default route pointing to the ASA).

I'm also assuming you are not planning to NAT this subnet?

No I'm not planning on using NAT with this subnet. Thanks for the refresh about BGP, I forgot you do need a route in

your routing table in order to advertise a route via BGP.

Now if the ISP router already has another public address range which is currently being used, and is connected to the ASA,

would I need to have another cable from the 7200 going to a differnet port on the ASA?

If the ISP router has a public IP address range and you need reachability from the ASA, all you need is a 'route outside' command in the ASA pointing to the ISP router connected interface as the gateway.

You don't need another physical connection for this.

So I assume then, that if internet host A wants to access a server on this new network range, he will eventually be routed to the BGP router which is the ISP router 7200, which will then find a directly connected route to this network, and will ARP for the server, which will travel from the connection going from the 7200 to the ASA, and down the yellow brick road basically?

Sorry, if I"m being a pain, I just like to know everything in very fine detail.

Nevermind Edison I figured it out. Thanks for all the help.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: