Pix and Windows domains

Discussion in 'Cisco' started by Richard M., May 14, 2007.

  1. Richard M.

    Richard M. Guest

    Hi,

    I have been asked to segregate one subnet from the remainder of the
    network.
    This should be achieved using an ASA.

    For instance, I will have a 10.0.0.0/8 network (A), with the servers
    located in 10.1.0.0/16 subnet (S).
    On the other hand I will have a 192.168.0.0/16 network (B).

    I will have Domain Controllers in the (S) subnet as well in the (B)
    network. And I will have workstations in the (A) and (B) networks.
    (B) workstation will have access to the servers in the (S) subnet, but not
    to the remainder of the (A) network.

    Can this be achieved using a Pix (ASA5520) ?

    I fear that the Pix is intrinsically a "nating" device and will corrupt
    "netlogon" frame. (Because it will alter the src/dest for the packet but not
    the IP addresses inside the frames.)

    Is there a way to perform this ? I feel that I only need to have routing +
    ACL between the two (B) and (S) subnets.

    Thanks for any idea

    --Richard.
     
    Richard M., May 14, 2007
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?czNhbiB1aw==?=

    wireless probs and domains

    =?Utf-8?B?czNhbiB1aw==?=, Dec 19, 2005, in forum: Wireless Networking
    Replies:
    4
    Views:
    510
  2. ec
    Replies:
    2
    Views:
    465
    Barry Margolin
    May 26, 2004
  3. Replies:
    1
    Views:
    394
    mcaissie
    Jan 5, 2006
  4. Chris Allen
    Replies:
    6
    Views:
    546
    Chris Bartram
    Sep 4, 2007
  5. fros
    Replies:
    4
    Views:
    552
Loading...

Share This Page