cisco perimeter security design:(( need advice

From: Stefan Grey (examplebrain@hotmail.com)
Date: Thu Mar 30 2006 - 03:44:35 GMT-3


Thank you very much to everyone who participated in the previous discussion.
I would be very thankful if you could advise me on the following task:

Modified task: From SP we get 3 connections:
1. internet 2 Mb (through ADSL modem)
2. IPSEC VPN 1 Mb for 3 nodes (through ADSL modem). GRE is not needed.
3. Frame-relay, now 128k. Connected to a small router. It is used to connect
to the remote site. Local network.

So there are 3 ethernet links available to the client. It seems that in the
central office the DMZ is planned for their servers. The office has over 500
people.

It is needed to propose 2 variants to receive traffic and provide perimeter
security. (FW and IPS are needed).

1. minimal
2. Redundancy+failover. Because the CO is large they think about failover as
well and will look at both variants.

What would you advise?

From my point of view:
1st: put everything in 1 ASA. 3 eth to receive all stuff, 1 eth for local
network, 1 for DMZ.

2nd variant: I am trying to draw the scheme with 2 ASAs and active/standby
failover, but I need a 6th interface and I am absolutely not sure about my
design.
Any thoughts?? Maybe there is some reason to use an ISR?

Any help highly appreciated.


