I am staring at this 1921 configuration trying to figure out how to mirror it on a new MX100. Admittedly, I am a novice with all of this, and am in over my head.
Does anyone have suggestions on how to best navigate this migration?
Hi! I´d like to know what kind of configs do you have? Bc with MX you´ll have a little bit limitations than other cisco routers. For sample NAT between VLANs
I have access to the 1921, so I can get a copy of anything that is needed. Right now I am looking at the running config.
Okay, so you have a 1921. What role was it playing for you? Is it your immediate 'edge device' - connects to your ISP's equipment?
What device is in between that 1921 and the rest of your network? This may change our advice.
The first things I'd look at:
1. NAT statements
2. Port forwarding
3. Access-control lists
4. Subnets in use
5. VLANs if applicable.
1921 is the edge.
Inside there are Cisco Switches (3560's and 2960's)
I wish I could just post the whole config here, but that's not a good idea.
Many NAT Statements
Don't see any port forwarding
Several ACLs
Subnets and VLANs
Not a simple config by any means.
ip nat inside source static tcp x.x.x.x 25 interface GigabitEthernet0/1 25
Lots of those...
Ok, good. I think I can figure that out.
How about this. Setting up the VLANs I see... would the subnet for this be 10.19.223.0/24 and the mx ip be 10.19.223.61?
interface Vlan25
description Production$FW_INSIDE$
ip address 10.19.223.61 255.255.255.0
ip access-group inside-out in
ip flow ingress
ip nat inside
ip virtual-reassembly in
zone-member security in-zone
ip policy route-map web-traffic
No way to do object-group network?\
object-group network AB07-RDP
host 10.19.223.181
Currently not, Objects are (still) in Beta right now.
How about "ip nat inside source route-map"
I think it would be best to use the Cisco partner locator and find someone near you to do this conversion.
https://locatr.cloudapps.cisco.com/WWChannels/LOCATR/openBasicSearch.do