09-13-2016 04:46 AM - edited 03-08-2019 07:24 AM
i must segmenting my network. the network would look like in attachment. i have switches cisco catalyst 2960 and all my users go to internet over asa 5510. number of users is 250. the asa 5510 can fullfill the needs? i have one more question. my VLAN70 contains servers.how users from outside of the asa 5510 to access to VLAN70 not like NAT? in VLAN70 contains DNS servers, Domain Controller. those users over NAT wouldn't see Domain controller for authentication. because i'm created VLAN90 that i'd sidestepped the ASA5510 and over VLAN's infratructure i will enable access to server. is this solution possible?
09-14-2016 09:59 AM
09-14-2016 12:58 PM
As regards VLAN90, where the cable went from router to asa 5510 port which belongs to VLAN90 (is this posible?). this construction i would use that users from the others network can authenticating to active directory(VLAN70) and they use the other services. i dont know how use active directory over ASA5510's NAT. can you help me?
09-15-2016 05:24 AM
If I am understanding you correctly:
09-15-2016 09:21 AM
the users from outside ASA 5510 are not from public networks(internet). those users are from the other networks of my company. the ISP is made tunnels from those networks over ISP router to outside ASA5510. my construction with VLAN90 from attached picture will work?the accessing from one VLAN to another also works over NAT?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: