Solved

Network Equipment Question

Posted on 2013-06-27
1
284 Views
Last Modified: 2013-07-06
I have 3 production line that have about 10 different pieces of equipment on each line from different vendors each.
 
We want to supply SSL VPN access to each line and each piece of equipment so each vendor can only accesss this equipment. They have already started this project and they fired the contractor 50% finished due to conflicts so now I am picking it up.
 
Thay have this proposed setup ISP> Cisco ISR 887VA>Cisco ASA 5512-X> Cisco Catalyst Core Switch which each line plugs into. The controller of each line sits on the core switch and server subnet of each line and has a layer 3 switch to allow commas to all the equipment it controls.
 
So first question if they have the ASA is the ISR 887 VA even needed? Can't the routing be done in the ASA since it's not that much? Would that be better?
 
The only thing I see they gain with having the ISR in front of the ASA is that the ISR is setup to be the DSL modem in a way and the ISR can hanlde dual WAN connections (internet connections) but dual ISP's are not planned for this setup. Do they even need the ISR?
 
Second question is how will the routing be done? The networking equioment will be on 172.16.1.0-255 so I can setup the VPN to connect the VPN user based on the credentials to the core switch and server subnet of each line easily and being a layer 3 switch they would be able to see all 10 pieces of equipment to to the layer 3 switch routing for the controller but how could I make that extra hop and VPN them into only the 10.10.3.0-255 subnet for the bagger on line # 1 for example
 
Sample of network is below.
 
Line # 1 is 10.10.1.0-255 Core Switch and server subnet
 
10.10.2.0-255 Bagger
 
10.10.3.0-255 Palletizer
 
10.10.4.10-255 Robot Cell
 
10.10.5.0-255 Filler
 
10.10.6.0-255 Oven
 
10.10.7.0-255 Conveyor System
 
10.10.8.0-255 Inspection System
 


Line # 2
 
10.11.1.0-255 Core Switch and server subnet
 
10.11.2.0-255 Bagger
 
10.11.3.0-255 Palletizer
 
10.11.4.0-255 Robot Cell
 
10.11.5.0-255 Filler
 
10.11.6.0-255 Oven
 
10.11.7.0-255 Conveyor System
 
10.11.8.0-255 Inspection System
0
Comment
Question by:ATL74
1 Comment
 
LVL 17

Accepted Solution

by:
TimotiSt earned 500 total points
ID: 39283811
The 887 is a xDSL router, and the ASA doesn't have DSL interfaces. It could be done with a simple DSL modem in front of the ASA, but that wouldn't be all-Cisco I guess... :)

Can you post a little L2 and L3 diagram of the subnets?

Tamas
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Download Logs File from Cisco Switch 1 63
Cisco IP Phone upgrade 3 35
ASA and ICMP 4 22
Windows NLB support on Cisco Nexus 9000 1 64
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question