First I would like to introduce myself. I have been working in IT for 1.5 years since my bachelor diploma. During this course I learned CCNA and found it very interesting, but also quite difficult. I love managing an infrastructure and like everything really controlled and separated. Most of the time I implement small networks for the SMB market, so I do both system management and network management. (Network management to the minimum.)
Last week was the first time in 1.5 years I worked with Cisco equipment and to be honest, it was really nice to use the CLI again. I am not very good at it (except for the basic commands), but I think I will be going for my CCNA since networks are very interesting.
Now for my question. We had a project with a larger company which has many offices all over the world. The previous week we were setting up a VPN connection to a different site in Denmark (in collaboration with an IT person of this site). The firewall we are using is an ASA5505.
We ran into the following problem: only 2 desktops of the entire organisation need to have internet access (the desktops in the warehouse may not browse the internet), but all the devices should have access to the local printers. Also: all of the printers need to be accessed by servers in Denmark from the other sites over the VPN connection.
I have made a Visio drawing of my proposition to do this, but I am not sure if this is the best solution (looking at best practices). Could someone please review it and give some notes about my set-up?
Isn't it better to make 1 trunk to the switch and separate VLANs on the switch? What about management?
This switch is at the moment connected with a fiber connection to a different office. This office has an MPLS connection to the site in Denmark. At the moment the fiber is used for access to the servers, but the whole point of this VPN connection to the site in Denmark is to cut this fiber and let their connection be fully separated. When any problems occur, this fiber can be reactivated, so we also keep this in mind for separating the network.
Question not related to this set-up, but when I was inside the local network I tried to RDP to a server of another company over port 15000, but was unable to. Is there an access rule I need to add on the ASA5505? I thought outgoing requests were not blocked by the firewall, only incoming? And what if I have 1000 customers and have configured a different port on their firewall to be forwarded to 3389 on the server? Do I need to allow all of these ports on our ASA5505?
I hope everything is clear about this set-up and you could give me the best scenario. We have also bought the Security Plus license on the ASA5505 for trunking and multiple VLANs.