what do I need to do this? seperating 2 office networks, at least in 1 direction.

Discussion in 'Cisco' started by Kremlar, Jan 13, 2005.

  1. Kremlar

    Kremlar Guest

    Sorry for my inexperience, but I'm looking for some basic advice to get
    started.

    We are looking to add a Terminal Server and file server to our office (let's
    call this NETWORK B), but want to be sure that any remote users terminal
    serving in cannot see ANYTHING on our existing network (I'll call it NETWORK
    A).

    I know I could do this with Active Directory user permissions, but I'd
    rather do it at the router/hardware level if possible. The catch is that I
    need users on our existing network (I'll call it NETWORK A) to be able to
    use specific resources on NETWORK B - say start a remote session on Terminal
    Server, or maybe dump some large files to the file server.

    I'm considering 2 scenarios - either sharing an internet connection between
    NETWORK A and NETWORK B, or possibly getting each network a seperate
    internet connection.

    Assuming I want to share an internet connection, I would imagine a router
    attached to the incoming T1 with 2 LAN connections, and rules setup on the
    router to allow traffic from NETWORK A (say 192.168.0.x) users to NETWORK B
    (say 192.168.1.x), but not vice versa.

    Is this possible? If so, what products should I be looking at?

    The other option I am considering is dedicated internet connections.
    Probably a basic DSL for NETWORK A and a full T1 for NETWORK B. In that
    case, the networks would be almost completely seperated. What would bridge
    the 2 together? How would that change things?

    Again, sorry if I'm asking some very basic questions, but I'm hoping someone
    could point me in the right direction.

    Thanks!
    Mike
     
    Kremlar, Jan 13, 2005
    #1
    1. Advertising

  2. Kremlar

    Kevin Widner Guest

    Re: what do I need to do this? seperating 2 office networks, at least in 1 direction.

    I'm considering 2 scenarios - either sharing an internet connection
    between
    NETWORK A and NETWORK B, or possibly getting each network a seperate
    internet connection.


    Choose the first scenario, less devices to manage, and a more simple
    setup. All you need to do is apply the appropriate ACL's to make it
    happen.

    The question of what equipment you will need is always debatable and
    depends on your requirements. When doing file transfers between
    Network A & B, if you can live with a 10Mb/s transfer, you could
    purchase something like a Cisco 1721 with a T1 CSU/DSU WIC card and an
    additional 10base Ethernet card. (A 100base modular card isn't
    available) But if a 10Mbit transfer isn't going to cut it, consider
    setting up a "router on a stick" configuration. You can search for this
    term and find examples on Ciso's website. Basically, you would want a
    managed switch that you would setup seperate vlans for the seperate
    networks, then connect the switch to the router which would provide
    your T1 interface.

    You haven't mentioned anything that would make one think you need
    anything more than the 1721 model. No VPN tunnels to terminate? No VOIP
    considerations, extra redundancy, or anything like that? I ask because
    the 1721 wouldn't leave much room for expansion.
     
    Kevin Widner, Jan 13, 2005
    #2
    1. Advertising

  3. Kremlar

    Kremlar Guest

    Re: what do I need to do this? seperating 2 office networks, at least in 1 direction.

    Actually - yes, thanks for the reminder. Remote user and/or offices would
    need to VPN into NETWORK B. I would imagine some single users with a Cisco
    VPN client installed on their PC, and possibly some entire offices with
    10-15 users wanting to VPN into our Terminal Servers.

    Maybe a total of 20-30 VPNs - some single users, some entire offices.

    10Mbps between NETWORK A and NETWORK B, however, may be acceptable...

    Thanks again for the great suggestions!



    "Kevin Widner" <> wrote in message
    news:...
    > You haven't mentioned anything that would make one think you need
    > anything more than the 1721 model. No VPN tunnels to terminate? No VOIP
    > considerations, extra redundancy, or anything like that? I ask because
    > the 1721 wouldn't leave much room for expansion.
    >
     
    Kremlar, Jan 13, 2005
    #3
  4. Kremlar

    Kevin Widner Guest

    Re: what do I need to do this? seperating 2 office networks, at least in 1 direction.

    Maybe a total of 20-30 VPNs - some single users, some entire offices.

    ==

    Doesn't sound like you will need any additional interfaces anytime soon
    then, but you might want to look at the optional encryption module for
    the 1721. It will help ensure your router is up to the task without
    having to buy a beefier model.

    >From Cisco's datasheet:


    Hardware VPN Encryption Module

    All Cisco 1700 models are equipped with an internal expansion slot to
    support an optional field-installable hardware VPN encryption module.
    The VPN encryption module offloads encryption processing from the Cisco
    1700 Series RISC processor, providing performance up to T1/E1 speeds.
    The VPN encryption module (MOD1700-VPN) supports a maximum of 100
    remote access tunnels.
     
    Kevin Widner, Jan 13, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dennis

    Need advice with certification/training direction, please

    Dennis, Jul 18, 2004, in forum: Microsoft Certification
    Replies:
    1
    Views:
    469
    TechGeekPro
    Jul 18, 2004
  2. patience

    need direction

    patience, Nov 26, 2003, in forum: MCSD
    Replies:
    4
    Views:
    431
    Guest
    Dec 3, 2003
  3. Blake
    Replies:
    1
    Views:
    504
    Blake
    Aug 21, 2006
  4. Replies:
    7
    Views:
    596
    Susan Bugher
    Jul 12, 2007
  5. Colin Trunt

    Problem with seperating sound on PC.

    Colin Trunt, Jun 28, 2010, in forum: Computer Information
    Replies:
    0
    Views:
    483
    Colin Trunt
    Jun 28, 2010
Loading...

Share This Page