Dynamic routing over Internet using ASA 5505/5510

Hi everyone,

I have a problem I can't seem to resolve and I would like your inputs.

Here's the scenario. There are three different sites, two are composed of Multilayer switches cisco 3560 and 3570 as core switches (a 3560 in one site and a 3570 in another site), the last site doesn't have any routers just a 2950 switch. Each site has two asa 5505 as firewalls. Two Internet connexions are connected to every site, one on every firewall. One Internet line is used to connect the different sites together using VPN crypted with IPsec and the other line is just for Internet access. The line that is used to interconnect sites contains voice and data traffic.

At the moment all the routes are static routes, the network isn't too big for now and counts not more than 20 subnets.
But it is evolving, and I want to use dynamic routing, EIGRP to be more accurate. I've looked into it and I'm not sure how to make it work. The VPNs active on the ASAs don't support dynamic routing, so I thought about GRE tunnels but the ASAs don't seem to allow it either.

I don't have much flexibility, I can't just remove an Internet connexion let alone buy new equipment. I'm stuck with that topology and I need to find a way to make it work.

So I don't really know how I am going to make it work.

Thanks in advance for any help you'll offer me.


Sign In or Register to comment.