I am putting together a plan to change the IP scheme of the internal LAN from a 192.168.1.x (255.255.255.0) to a 10.x.x.x (255.0.0.0). I am trying to lay out the plan of action and also have to account for some remote locations. Our current topology is:
We have a Cisco ASA 5510 (220.127.116.11) with a VLAN of 192.168.2.1 which routes to a provider managed CheckPoint Firewall. This CheckPoint device creates a site-to-site vpn to a remote network for business applications.
Remote sites: Each remote site is currently managed by an outside vendor, but we are taking these sites back into our corporate network. I am planning on putting a Cisco ASA 5505 in each location.
My plan of action is;
Change the IP of the router (10.0.1.1 - 255.0.0.0) and the DC (10.0.1.11 - 255..0.0.0)
Set the new scope for the internal LAN (10.0.1.100 - 10.0.10.255 - 255.0.0.0)
Change static devices (servers, printers, routers, switches, etc.)
Change the internal routes on the Cisco 5510 (mail, ftp, etc)
Boot up the DHCP devices (PC's, MAC's, etc)
Insure that everything is running on the local LAN and the WAN connections are fine.
For the remote locations (6):
I am planning on giving each of them 10.0.11.x - 255.0.0.0 and then moving to 10.0.12.x, etc.
I would set the ASA in each location to 10.0.11.1, 10.0.12.1, etc. with subnets masks of 255.0.0.0. All of the PC's are static so that's fine.
The ASA at each remote location would create a site-to-site vpn back to the corporate LAN.
What am I missing?