Re: ISA and Separating Networks

Steve,

Thanks for the continued help. A few more questions though.

> You need the switch to connect all the "outsides" together to the inside
> of the cisco router. Creating network diagrams in ascii can be a little
> tricky. <g>
>
> Lets try again (trying with ASCII box characters):

[DIAGRAM WAS HERE]

Thanks for taking the time to build the diagram. I understand exactly what
you are talking about. The question I have is: we have switches all over the
building and we have never had renters before. That said, when we wired the
building, it was wired such where the main switch was wired to the nearby
computers as well as other swtiches in other places in the building which,
in turn, are wired to the nearby computers. Basically, this is a long
explanation for saying that I do not have two sets of wires (one for us and
one for them). I am thinking that this should not be a problem as long as
the Cisco router, firewall, and SBS (the three elements in the diagram) are
configured correctly. Is this correct. I hope it is, otherwise I have a big
problem.


> If the Cisco is performing NAT, then the "in-between" network (ie where
> the switch connects the LAN side of the Cisco to the WAN sides of the
> firewall and SBS) will be using a private IP range, and all of the Cisco
> LAN nic, the firewall WAN nic, and the SBS external/WAN nic will have IPs
> in that range.
>
> If the Cisco is not performing NAT, just regular routing, then the Cisco
> will only have a single IP, and both the firewall WAN nic and SBS
> external/WAN nic must have public IPs.

I am now thinking that the Cisco does not perform the NAT because my SBS has
a public IP. From what I gathered from what you were saying, the external IP
on the SBS signals no NAT. Is that correct. I have enought IPs to make this
happen.

> Any firewall will do, just as long as it supports enough users to cover
> their whole network. The SonicWall SOHO sounds fine (subject to user
> counts).

I have a 25 user license on the firewall. By the way: why a firewall and not
a router?

If everything I assumed is correct, it sounds like all I have to do is plug
that SOHO in, configure it with the external IP with a gateway of the IP of
the Cisco (thats what I did on the SBS), and then configure the lesees PCs
to connect to the SOHO. Does that sound right.

Sorry for all the questions, but this is the first time I have done this. I
appreciate the continued help. Thanks again,

Chris



.

Relevant Pages

  • Adjunto 24k ! Error conexión remota 2003 SBS
    ... He habilitado la conexión remota de sbs 2003 para trabajadores que acceden ... Servidor 2003 SBS con 1 tarjeta de red, IP de clase C, conectada a switch ... Internamente desde Lan funciona todo a las 1000 maravillas. ... Problemas del firewall? ...
    (microsoft.public.windows.server.sbs)
  • Re: LAN ip subnet is moving off from a bigger enterprise
    ... plugged to their main switch and there is a rule on the switch to seperate ... SBS network switch to allow share resource. ... that crossover cable, instead of the firewall ...
    (microsoft.public.windows.server.sbs)
  • Re: ISA and Separating Networks
    ... I would not recommend attempting to use your SBS to provide network management in this fashion. ... does the cable that goes into his WAN link come from? ... of the cisco router. ... the WAN side of that firewall. ...
    (microsoft.public.backoffice.smallbiz2000)
  • Re: [fw-wiz] Vlans as effective security measures?
    ... comparison between switch physical back plane architecture and VLAN security. ... >is not an effective adjunct to firewall and router security policies. ... Cisco Systems Inc. ...
    (Firewall-Wizards)
  • Re: slow page downloads
    ... >Pages are served from mainframe sitting behind a CISCO 11506 content switch. ... >We disabled the firewall on the XP client machines and it works as normal. ... This defeats the purpose of having the content switch ... your Cisco content switch and the XP2 SP2 firewall? ...
    (microsoft.public.inetserver.iis)