Please Read: Significant Update Planned, Migrating Forum Software This Month

See more
See less

Redesigning corporate network - Need help!

  • Filter
  • Time
  • Show
Clear All
new posts

  • Redesigning corporate network - Need help!

    hello everyone,

    I am redesigning our corporate network. I just purchased 34 cisco 2960s switches along with two 3850 layer 3 (stacked) to act as internal routers. 3850 attached to two 5510 (public facing) ASAs. Each ASA connected to a different ISP (two ISPs). We have 3 different VLANs. 2 VLANs accessing internet via one ASA and the other vlan accessing internet through the other ASA. Each ASA has about 50 plus IPsec vpn tunnels terminated so ASAs must stay as is.

    I have a diagram put together as to how I want it. I need someone to take a look at it and let me know if this will work and what issues I can expect. Some help with configuration and so on. Any help would be appreciated.


  • #2
    Re: Redesigning corporate network - Need help!

    The someone you need is called a "consultant"

    If you want to post the diagram here, you will probably get some responses, but I suspect many will be in the form of further questions, and anything else will be at your own risk.

    Given the probable size and complexity of your infrastructure, I suspect paying an expert to do a proper analysis for you is the best way ahead
    Last edited by Ossian; 27th July 2013, 07:09.
    Tom Jones
    MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
    IT Trainer / Consultant
    Ossian Ltd

    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: Redesigning corporate network - Need help!

      I couldn't agree more Ossian. I have been requesting a consultant from day one regarding this project, but my requests have fallen on deaf ears. That is why I have been for the past couple of months slows designing everything myself in a lab and testing slowly. Fortunately, I have all the equipment and time on my hand. I have gotten intervlan functionality to work. I am able to ping and send traffic from one vlan to another. Its just how do I route vlan specific internet traffic to the proper ASA. That is where I am stuck. I will post a network diagram I created soon. thanks in advance.