So how will task 2 be divided?
Task 2.1 Recreating the customers network
Basic OSPF configuration on routers and PIX/ASA
Task 2.2 Adding security features and VPN endpoint routers
Enabling OSPF MD5 Authentication on PIX/ASA and Routers
Adding new VPN edge routers to the OSPF Network
Task 2.3 Creating ISP Access
Basic OSPF Configuration between 3 ISPs (nothing fancy)
Task 2.4 Creating HSRP on the VPN endpoint routers
Basic HSRP Configuration on the two VPN routers
Task 2.5 Adding VPN Support for VPN Clients
Creating VPN access on VPN Edge routers
Task 2.6 Adding Site 2 Site VPN
Creating Site2Site VPN between routers and PIX/ASA
Task 2.7 Adding network extension mode Clients (NEM)
Creating VPN hardware clients (Routers and PIX/ASA)for NEM access
Task 2.8 Full Redundancy
Enabling SSO on Routers
The next few days I´ll post solution step by step. But first some pictures to explain the network concept.
This is the basic network that I´ve found at the customer location. The routers of the inner core routing network are running OSPF with no security features enabled the routers are most times non Cisco products but since we focus on Cisco network devices we ignore this fact. ;)
The outer core routing network is nearly the same like the inner core routing network but in future the customer plans to divide those network parts more. (but this is future planing and not covered here). Last is the edge network, this part contains network devices that connect to the Internet. In this scenario the primary edge is a ASA/ PIX but in the customer scenario there is an other firewall device in place (but this fact is ignored to ;) )
Here you can see the planed next stage, where two VPN routers are placed in the edge network. These routers are connected to two independent ISPs routers for redundancy issues.
As always if you got questions just drop a not into the comments.
More to come.
Cheers NWG
Posts
Keine Kommentare:
Kommentar veröffentlichen