Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Network Equipment Question

Posted on 2013-06-27
1
Medium Priority
?
299 Views
Last Modified: 2013-07-06
I have 3 production line that have about 10 different pieces of equipment on each line from different vendors each.
 
We want to supply SSL VPN access to each line and each piece of equipment so each vendor can only accesss this equipment. They have already started this project and they fired the contractor 50% finished due to conflicts so now I am picking it up.
 
Thay have this proposed setup ISP> Cisco ISR 887VA>Cisco ASA 5512-X> Cisco Catalyst Core Switch which each line plugs into. The controller of each line sits on the core switch and server subnet of each line and has a layer 3 switch to allow commas to all the equipment it controls.
 
So first question if they have the ASA is the ISR 887 VA even needed? Can't the routing be done in the ASA since it's not that much? Would that be better?
 
The only thing I see they gain with having the ISR in front of the ASA is that the ISR is setup to be the DSL modem in a way and the ISR can hanlde dual WAN connections (internet connections) but dual ISP's are not planned for this setup. Do they even need the ISR?
 
Second question is how will the routing be done? The networking equioment will be on 172.16.1.0-255 so I can setup the VPN to connect the VPN user based on the credentials to the core switch and server subnet of each line easily and being a layer 3 switch they would be able to see all 10 pieces of equipment to to the layer 3 switch routing for the controller but how could I make that extra hop and VPN them into only the 10.10.3.0-255 subnet for the bagger on line # 1 for example
 
Sample of network is below.
 
Line # 1 is 10.10.1.0-255 Core Switch and server subnet
 
10.10.2.0-255 Bagger
 
10.10.3.0-255 Palletizer
 
10.10.4.10-255 Robot Cell
 
10.10.5.0-255 Filler
 
10.10.6.0-255 Oven
 
10.10.7.0-255 Conveyor System
 
10.10.8.0-255 Inspection System
 


Line # 2
 
10.11.1.0-255 Core Switch and server subnet
 
10.11.2.0-255 Bagger
 
10.11.3.0-255 Palletizer
 
10.11.4.0-255 Robot Cell
 
10.11.5.0-255 Filler
 
10.11.6.0-255 Oven
 
10.11.7.0-255 Conveyor System
 
10.11.8.0-255 Inspection System
0
Comment
Question by:ATL74
1 Comment
 
LVL 17

Accepted Solution

by:
TimotiSt earned 1500 total points
ID: 39283811
The 887 is a xDSL router, and the ASA doesn't have DSL interfaces. It could be done with a simple DSL modem in front of the ASA, but that wouldn't be all-Cisco I guess... :)

Can you post a little L2 and L3 diagram of the subnets?

Tamas
0

Featured Post

Become an Android App Developer

Ready to kick start your career in 2018? Learn how to build an Android app in January’s Course of the Month and open the door to new opportunities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When speed and performance are vital to revenue, companies must have complete confidence in their cloud environment.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Suggested Courses
Course of the Month15 days, 23 hours left to enroll

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question