We have a cisco asa 5505. I just learned that we need to provide internet service to a second party that wants to host their own firewall in a remote location . The remote location I have several fiber runs to. Since all our external ips come into the asa, Im going to assign a port on our 5505 to our vlan associated with our ISP. From there Im going to give the second company a /21 block.
My concern is they would also like to keep equipment in our location on their local lan. So off our asa I will connect to a switch (layer 3 I believe) that switch will fiber connect to the second parties switch. the second party will plug in their sonicwall to the remote switch. In order to have local equipment in the same location as the asa Im guessing they have to create a vlan on the local and remote switch and sonicwall?