This question is related to the design and setup of a access server using terminal asynchronous connections.
Available hardware and layout consists of a Cisco 2621 router - 1 T1 CSU/DSU module with 2 Ethernet ports. T1 out to the internet with 16 public ip address on Ethernet 0/0 and private class B network implemented on Ethernet 0/1 using NAT to get out to the internet. Cisco 2924 switch currently configured with 2 vlans one conected to Ethernet 0/0 - public ports 1-16 and vlan 2 connected to Ethernet 0/1 the private addresses. This layout can be changed.
The goal is to have cisco labs that can be accessed by our students via the internet. What is the prefered method of design allowing students to access four different labs consisting of up to five devices in each lab. Students must have access into only their own labs.
Thought of purchasing a NM-16A: Sixteen-port Asynchronous Network Module and using the Cisco 2621 as a access server where the students can open up a reverse telnet session with the appropiate lab. Not sure how to implement the security here and if implemented this way the students would have user access into the cisco 2621 where we have security settings etc set up - access lists and firewall. The second option was to implement 2509 access routers per lab where the user would telnet directly into the access router using a public ip address and then open up a asynchronous terminal connection into the lab.
Your opinion on the design is greatly appreciated...