MPLS Connection routing on ASA

Hello everyone in this finest community :) I have another problem.

I have an ASA 5510 and a 5505 in another location.
Current connection information:

Austin Office ---- ASA 5510 ---< IPSEC CONNECTION >--- ASA 5505 ---- Phoenix Office
                      |                                   |
               Internet Access                    Internet Connection



New connection (proposed)
(MPLS only routes between sites, default route on the MPLS is the ASA in each location)

Austin ASA 5510 --- CISCO 2800 MPLS ---< MPLS >--- CISCO 2800 --- ASA 5505 Phoenix Office
       |                                                              |
Internet Connection                                          Internet Connection
   

The ASA still has to stay as the default gateway, and I need to add routing statements at the FW level and not at the workstation level with the ROUTE ADD -P method.

Now I looked around and apparently this config cannot exist where the ASA is a default gateway and you have traffic to another location pushed to another gateway IP. BTW the ASA is 172.16.1.1 and the MPLS router is 172.16.1.2, so they lie within the same subnet.

The network details:

Phoenix has 10.3.0.0/24
ASA in Phoenix is 10.3.0.1 and the MPLS box is 10.3.0.254


Austin has 172.16.0.0/16
ASA in Phoenix is 172.16.1.1 and the MPLS box is 172.16.1.2

Can we do such routing?

Any ideas?
muscolo Asked:
 
JFrederick29 Commented:
You would be better off having the 2800 at each site be the default gateway. You can then simply add a default route on the 2800s at each site pointing to the ASA, as well as the appropriate routes on the 2800s to the other site's LAN.
0
 
lrmoore Commented:
Ditto. Very simple solution to just use the MPLS router as the default gateway for the local LAN. Let it make all the routing decisions. You can take it a step further and have a VPN tunnel between the two firewalls be a backup route for the MPLS. You can enable OSPF routing between the MPLS router and the PIX/ASA.
0
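
The layout suggested in the two answers above, sketched as static routes on the two 2800s (an added example, not configuration posted in the thread). The MPLS next-hop addresses are not given in the thread, so AUSTIN_PE_NEXT_HOP and PHOENIX_PE_NEXT_HOP are placeholders; the workstations at each site are assumed to use the local 2800 (172.16.1.2 in Austin, 10.3.0.254 in Phoenix) as their default gateway.

```cisco
! Added example, not from the thread.
! AUSTIN_PE_NEXT_HOP / PHOENIX_PE_NEXT_HOP are placeholders for the
! carrier-side MPLS next hop at each site (not given in the thread).
!
! --- Austin 2800 (LAN address 172.16.1.2) ---
! Anything without a more specific route (Internet traffic) goes to the Austin ASA.
ip route 0.0.0.0 0.0.0.0 172.16.1.1
! The Phoenix LAN is reached across the MPLS.
ip route 10.3.0.0 255.255.255.0 AUSTIN_PE_NEXT_HOP
!
! --- Phoenix 2800 (LAN address 10.3.0.254) ---
! Anything without a more specific route (Internet traffic) goes to the Phoenix ASA.
ip route 0.0.0.0 0.0.0.0 10.3.0.1
! The Austin LAN is reached across the MPLS.
ip route 172.16.0.0 255.255.0.0 PHOENIX_PE_NEXT_HOP
```

With this split, the 2800 makes the site-to-site versus Internet decision, so no per-workstation ROUTE ADD -P entries are needed.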