[c-nsp] Asa 5520 supports MPLS?
Peter Rathlev
peter at rathlev.dk
Wed Jun 25 10:14:13 EDT 2008
On Wed, 2008-06-25 at 16:02 +0300, Eimantas wrote:
> I have situation:
>
> mpls edge router ----- asa 5520 (routing mode) ----- mpls network -----
> mpls edge router
>
> if i understand correct, this situation will not work?
Well, the routers connected to the ASA would be MPLS PEs, doing tag
imposition/popping. You would send the VRFs via VRF Lite as
subinterfaces to the ASA, and these interfaces could be split among one
or more contexts on the ASA. This works fine.
Which is the "best" way would depend on what you're trying to accomplish
and what kind of network we're talking about. If the firewall is
supposed to provide routing between a couple of VRFs you'd just use a
single context in routed mode. If you're providing firewall services for
different VRFs you could use multiple context mode.
It all depends on what problem you're trying to solve. :-)
Regards,
Peter
More information about the cisco-nsp
mailing list