INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Cisco Rotuing

Cisco Rotuing

(OP)
we have just implemented a cisco asa 5510 onto an existing network which runs along side a Fortigate they are not connected in any way. I need to get both networks talkig to each other, i'm struggling to think of the best way to do this. see network below

Network A
Fortigate LAN
192.168.0.250 > Cisco 3560(192.168.0.2) > Cisco3560 (192.168.0.1)


Network B
Cisco ASA Lan
10.80.0.250 >Cisco2960(192.168.0.248)

how do i get these talkig to each other do i plug a cable from the 2960 (class b network ) and one into one of the switches in the class A ?? I'm confused as the swtich on network B is only layer 2? Can someone help me understand what i need to do? I can attach a network diagram if that helps?

RE: Cisco Rotuing

do it properly ..
create a transit network ,
put both of them in that network
configure routing to each respective network.

i would also start using vlans if you aren't.

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.

RE: Cisco Rotuing

sorry , got distracted..
example:
transit network :172.16.0.0/28
Fortigate:172.16.0.1
ASA: 172.16.0.6

/28 for future growth in case you have multipl devices you want to use VRRP or HSRP on ..

on the fortigate you put a route (vdom --> system --> Router)[going off top of my head so forgive me if in diff location) and tell it that 10.80.0.0/24 ( i am assuming it is /24 ) and gateway is 172.16.0.6 and do the reverse for the ASA.

now i would actually create a vlan for my transit, say vlan 10 and create a new ZONE under the fortigate with a new interface [vlan tag 70] and name it Transit.
same on the ASA , create a new interface, call it Transit for readability.

hope this helps.

cheers,

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.

RE: Cisco Rotuing

(OP)
so i would create an additional interface on both the asa and the fortigate say on vlan 10 both on 172.16..0.0 network plug them into the switch and allow then vlans through the switch?

RE: Cisco Rotuing

yes and the routing ...
and the firewall rules...

on the FGT you will need policies allowing each network to talk .
same on asa

We must go always forward, not backward
always up, not down and always twirling twirling towards infinity.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close