bobbyforhire
Technical User
Well i finally got my Pix in and havn't stopped working on it since i opened it up. It's the 501 with a 10 user lic.
What I am going to do is simulate a complete small office with diffrent rules per group (IT/Web,Accounting,Wireless)
I don't have all of my routers yet but i will replace what i have with those once i get more down on the pix and 2948g.
So right now I have my Inet-->Firewall. Witch comes to my first question. Is it better to put the Inet to the switch in a Vlan then put the Outside interface on the firewall in the same vlan??
From the Firewall's Inside port i have it going into the switch witch i have two Routers hooked into the same vlan. as the
Firewall - Outside/Dhcp Inside/192.168.1.200
Switch - 192.168.1.150
Wireless Router - 192.168.2.200
Wired Router - 192.168.3.200
The Web Iterface is on the 1.x along with the IT group.
The Accouting group is on the 3.x. And finally my wireless is on the 2.x.
The cisco Pix contains the 10 users license, but i noticed if i use a router for each department i can hook up multiple uses and the firewall will only see it as one user. Is this what people do? Or am I building somewhat of a crappy network?
I am creating the rules based on the 1.x ip that I am giving the routers so that way i can manage them as needed.
Why not use vlans?? From my reading i can see that the 2948G can do vlans but the 501pix is not friendly with vlans.
Tomorrow I will be setting up the VPN side of things but i first would like to know what other peoples opinion on my network to see if this is a good idea or should i look at a more complex to me but faster on the network idea.
Road to CCNA - Day 7
What I am going to do is simulate a complete small office with diffrent rules per group (IT/Web,Accounting,Wireless)
I don't have all of my routers yet but i will replace what i have with those once i get more down on the pix and 2948g.
So right now I have my Inet-->Firewall. Witch comes to my first question. Is it better to put the Inet to the switch in a Vlan then put the Outside interface on the firewall in the same vlan??
From the Firewall's Inside port i have it going into the switch witch i have two Routers hooked into the same vlan. as the
Firewall - Outside/Dhcp Inside/192.168.1.200
Switch - 192.168.1.150
Wireless Router - 192.168.2.200
Wired Router - 192.168.3.200
The Web Iterface is on the 1.x along with the IT group.
The Accouting group is on the 3.x. And finally my wireless is on the 2.x.
The cisco Pix contains the 10 users license, but i noticed if i use a router for each department i can hook up multiple uses and the firewall will only see it as one user. Is this what people do? Or am I building somewhat of a crappy network?
I am creating the rules based on the 1.x ip that I am giving the routers so that way i can manage them as needed.
Why not use vlans?? From my reading i can see that the 2948G can do vlans but the 501pix is not friendly with vlans.
Tomorrow I will be setting up the VPN side of things but i first would like to know what other peoples opinion on my network to see if this is a good idea or should i look at a more complex to me but faster on the network idea.
Road to CCNA - Day 7
![[americanflag]](/data/assets/smilies/americanflag.gif "[americanflag] [americanflag]")
Spc NVARNG