Network Layout Advice

Discussion in 'Cisco' started by Leo, Apr 29, 2004.

  1. Leo

    Leo Guest

    Hi,
    I need some advice on how to best setup a new network after our move.
    We currently have a server at a datacenter with an internet
    connection going out. There will be a local loop T1 ( 1.5 ) connection
    between the datacenter's cage and the local office. We also have a
    static ip buisness DSL connection.

    Goal: 1. To setup a network layout where there will be redundancy
    incase

    the T1 goes down.

    2. Prevent some of the computers form accessing the server at the
    datacenter, while still alow them to print (ip_printers) and see
    other network computers.

    Equipment:
    Datacenter:

    Cisco 1700 ( one end of the T1 local loop )

    Sonic Wall Pro 230 ( firewwall and datacenter gateway and

    internet router)
    8 port Switch

    Office:
    Cisco 1700 ( other end of the T1 local loop )
    Sonicwall SOHO3 firewall
    DSL modem
    2 24 port unmanaged switches

    What is the best way to use the existing equipment to accomplic goals
    1 and 2?

    Planned Solution:

    - Assign static ips to all workstations. Restrict unwanted
    workstation ips access to server using a software firewall on the
    linux server.

    - Patch all workstations to the first switch and connect the 1700 to
    the same switch

    - Setup the sonicwall with the DSL ip and connect it to the second
    switch

    - leave an extra patch cord for interconnection of the two switches

    - Setup routing tables so all ip traffic goes out of the T1.

    - Setup a VPN tunnel using DSL Sonciwall SOHO3 to Sonicwall Pro 230 (
    used in case of emergency )

    All Workstations will be connected to the first switch and will route
    out of the

    cisco 1700.
    If local loop fails, we will connect the two switches with the extra
    patch cord and turn off the cisco 1700. Until matter is resolved
    with the carrier, all data will flow out of the DSL using the
    sonicwall SOHO3 and the workstations will be able to see the server
    through the VPN. The same IP chains that denied them access, will
    still be inefect on the server side, so workstations that are on the
    block list will still be denied through the VPN network.

    Is there a better way to do this? I'd like to hear your comments.

    Thank you in advance for your help and input.

    - Leo
     
    Leo, Apr 29, 2004
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Replies:
    4
    Views:
    585
  2. Sameer
    Replies:
    1
    Views:
    695
    Chris O
    Dec 10, 2003
  3. Godfried Boshuizen

    Layout DB60 crossover cable

    Godfried Boshuizen, Feb 20, 2004, in forum: Cisco
    Replies:
    1
    Views:
    1,867
    Chris O
    Feb 20, 2004
  4. LGJr.
    Replies:
    3
    Views:
    1,548
    LGJr.
    Jul 25, 2005
  5. Bun Mui
    Replies:
    0
    Views:
    723
    Bun Mui
    Aug 23, 2004
Loading...

Share This Page