Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco Rotuing

Status
Not open for further replies.
cisco222

cisco222

Vendor
Jul 9, 2007
28
GB
we have just implemented a cisco asa 5510 onto an existing network which runs along side a Fortigate they are not connected in any way. I need to get both networks talkig to each other, i'm struggling to think of the best way to do this. see network below

Network A
Fortigate LAN
192.168.0.250 > Cisco 3560(192.168.0.2) > Cisco3560 (192.168.0.1)


Network B
Cisco ASA Lan
10.80.0.250 >Cisco2960(192.168.0.248)

how do i get these talkig to each other do i plug a cable from the 2960 (class b network ) and one into one of the switches in the class A ?? I'm confused as the swtich on network B is only layer 2? Can someone help me understand what i need to do? I can attach a network diagram if that helps?

 
Sort by date Sort by votes
do it properly ..
create a transit network ,
put both of them in that network
configure routing to each respective network.

i would also start using vlans if you aren't.


We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 
Upvote 0 Downvote
sorry , got distracted..
example:
transit network :172.16.0.0/28
Fortigate:172.16.0.1
ASA: 172.16.0.6

/28 for future growth in case you have multipl devices you want to use VRRP or HSRP on ..

on the fortigate you put a route (vdom --> system --> Router)[going off top of my head so forgive me if in diff location) and tell it that 10.80.0.0/24 ( i am assuming it is /24 ) and gateway is 172.16.0.6 and do the reverse for the ASA.

now i would actually create a vlan for my transit, say vlan 10 and create a new ZONE under the fortigate with a new interface [vlan tag 70] and name it Transit.
same on the ASA , create a new interface, call it Transit for readability.

hope this helps.

cheers,


We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 
Upvote 0 Downvote
so i would create an additional interface on both the asa and the fortigate say on vlan 10 both on 172.16..0.0 network plug them into the switch and allow then vlans through the switch?
 
Upvote 0 Downvote
yes and the routing ...
and the firewall rules...

on the FGT you will need policies allowing each network to talk .
same on asa


We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

pbxcomm
  • Locked
  • Question
CISCO VG450
Replies
1
Views
221
bdk76
bdk76
Skip Rango
  • Locked
  • Question
how to backup cisco sg500-52p switch
Replies
1
Views
201
madwok
madwok
Jared R
  • Locked
  • Question
Cisco UC320W Paging Help
Replies
0
Views
203
Jared R
Jared R
Hayden09
  • Locked
  • Question
Cisco Sg-300 Flapping?
Replies
0
Views
206
Hayden09
Hayden09
JMarine0811
  • Locked
  • Question
CISCO VG450 Factory reset
Replies
1
Views
263
whykap
whykap

Part and Inventory Search

Sponsor

Back
Top