01-08-2013 09:58 AM - edited 03-04-2019 06:37 PM
Hello all-
I have network design issues for my client. Please see the network config below.
Current Network:
There are four logical networks configured on the switch, the switch is connected to the router, and the router is connected to the MPLS to hit the other locations. All the networks can fully talk to each other.
Proposed Solution:
1. My client wants to install the firewall and set up all the policy for those four logical networks on the firewall. Please see attached. For example, the Employee network can access all the networks, but the student network will be restricted to accessing a few servers on the server network.
2. There will be a second switch connected to this main switch through the fiber, so this main switch should run at Layer 3.
Any recommendations on the proposed solution?
Regards,
Joe
01-08-2013 10:49 AM
Hello Joe,
Prior to the proposed solution, is the router the default gateway for the clients, or is the 4507? Have you considered possibly looking into CBAC or ZBFW on the router itself to control internal traffic?
01-08-2013 10:53 AM
Hello Gabriel,
It is for the 4507. Client requests to set up the policy on the firewall.
Regards,
Joe
01-09-2013 10:05 AM
Hello everyone, any recommendation would be appreciated.
01-09-2013 08:31 PM
Move the Layer 3 interfaces for the VLANs up to the ASA off of the 4507, then configure the policy as necessary.