Solved

CISCO DMZ VLAN MANAGEMENT

Posted on 2014-07-18
1
392 Views
Last Modified: 2014-07-29
Hi,

I need setup an External Contractors DMZ which they will use to connect to a storage system to receive and delivery work.  The plan is to attach a physical switch to a spare port on an ASA 5520 so this is completely
separate to our internal infrastructure.  Members of a Development VLAN (one way) would have access to this area via a firewall access policy.

Is there any "best practices" in regards to VLAN Management in DMZ's.  Our internal switches have a management VLAN but would that be acceptable / secure to use the same VLAN outside inner core to manage the switch.  Also unlike the inner switches that use Radius for authentication I would only use a local account.

Thank you in advance.
0
Comment
Question by:Mongo Peck
1 Comment
 
LVL 57

Accepted Solution

by:
Pete Long earned 500 total points
ID: 40207286
Why not simply have a console server connected to this switch, then you can manage it and there is no direct connections form the DMZ/VLAN to the Secure network, you can pick up a console server very cheaply.
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
The purpose of using BGP 33 100
Adding VPN user with Cisco RV110W changes IP address 7 37
Port Forwarding on Cisco 881 14 57
Cisco WAP POE power 28 77
If you have an ASA5510 then this sort of thing would be better handled with a CSC Module, however on an ASA5505 thats not an option, and if you want to throw in a quick solution to stop your staff going to facebook during work time, then this is the…
This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question