Arranging a WAN link

[Jayni]

I am in Scandinavia and have an E1 connection for Frame Relay. Which needs to be connected to a sister office in Stockholm and another in St. Petersburg. I must configure FR (with Cisco router)but there is something else in Russia, not sure what.I need to choose the right encapsulation and configure the right LMI type. I also need to write an ACL for the head-office in order to stop hackers into the research VLAN but I need to allow access to a webserver in the research dept. Any help or tips of where to go to get some info on this is greatly appreciated.
Warm regards
Jayni

 

[StarTAC]

i don't understand when u say u have an E-1 connection for frame relay, because those are two, independent technologies.. E-1 is a TDM-based, leased line, dedicated service, with up to 30 channels providing 2.048Mbps...

frame relay is a logical service, providing up to 45Mbps and is not dedicated, like an E-1...

you get switch information, such as LMI type from the telco, although since IOS 11.2 on Cisco routers, auto-detection of the LMI type is possible...

as for the access list, we need more information.. what are u preventing hackers from.. are u using NAT.. who specfically needs to access the web server..

good luck..

 

[gdschertz]

on the fr interface you will need to ietf encapsulation unless both of the other routers are cisco.
then you can use the defalt fr encapsulation of cisco.
lmi can be ansi or cisco depending on you telco requirments.

you can use an access list to block all wan requists except to the ip address and port 80 of your web server. use and extended access list so you can specify port number. it would be better to set up a dmz out side of the research network. allowing access to that and not to any pc or services on the research network.


you can use ether point to multi point / or point to point subinterfaces for your fr dlci's. I like point to point as it allows more control of each fr link.