Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

MPLS Best Practices.  Is it best practice to have an MPLS line going directly to the LAN switch or through a firewall first?

Posted on 2008-10-30
1
Medium Priority
?
910 Views
Last Modified: 2008-11-10
It seems to me you can control traffic using the MPLS router.  We have an MPLS line that connects offices A (us), B and C.  It hits a Sonic firewall on A (us) before it gets into our LAN.

Office "B" is trying to hit our local LAN and it works fine.  

Office "C" wants to hit our LAN and then use our internet gateway to get out to the net.  This doesn't seem to be working when they try to reach the net thru us though.  Is there a better way to accomplish this?



                          SONICWALL           SONIC WALL  
                                   |                              |
Office B-----MPLS------>Office A (us)---------OUR Internet---(office C is trying to go out thru us)
                                               | SONIC WALL
                                            mpls
                                          Office C    



0
Comment
Question by:Sp0cky
1 Comment
 
LVL 43

Accepted Solution

by:
JFrederick29 earned 2000 total points
ID: 22842222
Myself, I would personally have the private MPLS come into the switch instead of the Firewall as these are internal sites (unless you want to restrict traffic obviously).  This would also make your Sonicwall policy more simple and take care of the "hairpin" issue you are experiencing with traffic coming into the Firewall outside and going back out the outside interface to the Internet.
0

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
Last month, the FCC voted to repeal Title II, the framework supporting net neutrality across all broadband ISPs. We sat down with Doug Walton, database administrator at Experts Exchange to gauge his opinion of what will happen next.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question