Setup another subnet with max security
Posted on 2003-10-24
I am not a networking expert by any means, but I am the only person at my company that can handle the network problem that I am having.
My network configuration is set up as follows: 2610 Cisco Router (outside) that is connected to a Pix 506e which goes into a Cisco 2924 Catalyst Switch and then into my LAN. I have only one subnet 192.168.x.x and the switch has only one VLAN on it for my domain (default settings). I have a VPN tunnel set up on my PIX that goes to our client using IPSec. We have complete access to our clients LAN, which we use to support them.
My problem is I built a Win2K (Advanced Server) with SQL server on it. I am using a software program that runs an inventory scan of our client’s machines. Well the inventory software developers (who’s product we are using) want complete 24x7 access to this server for updates and to verify data integrity (they will use TSC to access this server so I will open a port on our firewall and router for them to come in on). From a security stand point we do not want this vendor to be able to see our local domain or our clients domain. So I want to put this stand-alone server on another subnet to hide our domains from the inventory software developers. My router has only one Ethernet port and we are not going to buy another router with two Ethernet ports on it right now. In summary, I need to know how can I set up a stand-alone server (on another subnet with optimum security) allowing our vendor access this stand-alone server and allow my company and our client to see this server on our domains?
Thanks for your help in advance.