
LAN/WAN separated different network and access bi-direction

chris_tan
Level 1

Hello all,

I require some advice on the following:

I have two different company networks, where each has its own LAN/WAN subnet and resources.

Company A requires access to Company B resources via a WAN connection.

Company A has an employee from Company B at the location.

The Company B employee needs access to the resources at his Company B and the resources at Company A.

At the Company A location, employees from Company A and B sit together (using the same subnet).

Both companies require some kind of security to be implemented to only allow agreed traffic from either side.

Question 1:

How does the Company B employee (at the Company A location) access Company A resources and Company B resources from the same machine?

The answer should include

a. Type of routing

b. Is NAT required?

c. Are Layer 3 devices required at the location to separate the two different subnets used by the different companies?

d. How do both employees get their IP address and DNS?

Besides the above, what if both companies have access to their own network via VPN? How would all of the above apply?

Advice required.

Thanks and appreciate your time.

Rgds,

Christopher


Igor Tumkin
Level 1

Hello,

There could be different designs to achieve this.

The simplest way to do this is by implementing ACLs where appropriate.

1. Of course, you need to allocate a separate L3 subnet for the Company B employee at Company A location.

2. On WAN interfaces you put an ACL to allow:

     -  Company A to reach Company B resources;

     -  Company B employee at Company A location to reach Company B resources;

3. On the L3 interface at Company A location towards the Company B employee, put an ACL to allow:

     - him to reach Company B resources;

     - him to reach Company A resource;

4. Type of routing does not matter. Even static will do, if there are only a few subnets. But any dynamic routing is better (e.g. OSPF or EIGRP), since networks tend to grow and dynamic routing provides resilience;

5. No need for NAT, as NAT is needed if network ranges overlap or you need to change/hide IP addresses.

6. L3 devices are needed, of course at both locations;

7. IP addresses and DNS are provided via DHCP, so you would need a DHCP server (could be configured on Cisco routers);

8. Not sure about VPN access - there are too many ways it could be organized.

Thanks,

Igor
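
The ACL placement described in steps 1 to 3 and 7 of the reply above, sketched as a Cisco IOS configuration for the Company A site router. This is an added example, not configuration posted by either participant. All subnets, interface names, ACL names and the DNS server address are constructed assumptions, and the WAN interface is assumed to be a dedicated link to Company B.

```cisco
! Constructed addressing (assumptions, not from the thread):
!   10.1.10.0/24   Company A users at the Company A site
!   10.1.20.0/24   Company B employees at the Company A site (step 1)
!   10.1.100.0/24  Company A resources
!   10.2.100.0/24  Company B resources, reached over the WAN
!
! Step 7: DHCP and DNS for the Company B employee subnet
ip dhcp excluded-address 10.1.20.1
ip dhcp pool COMPANY-B-STAFF
 network 10.1.20.0 255.255.255.0
 default-router 10.1.20.1
 dns-server 10.2.100.53
!
! Step 3: inbound ACL on the L3 interface facing the Company B employee
ip access-list extended B-STAFF-IN
 remark DHCP requests come from 0.0.0.0 before the client has an address
 permit udp any eq bootpc any eq bootps
 remark Company B employee to Company B resources
 permit ip 10.1.20.0 0.0.0.255 10.2.100.0 0.0.0.255
 remark Company B employee to Company A resources
 permit ip 10.1.20.0 0.0.0.255 10.1.100.0 0.0.0.255
 deny   ip any any log
!
! Step 2: outbound ACL on the WAN interface
ip access-list extended WAN-OUT
 remark Company A users to Company B resources
 permit ip 10.1.10.0 0.0.0.255 10.2.100.0 0.0.0.255
 remark Company B employee at Company A site to Company B resources
 permit ip 10.1.20.0 0.0.0.255 10.2.100.0 0.0.0.255
 deny   ip any any log
!
interface GigabitEthernet0/1
 description Company B employees at Company A site
 ip address 10.1.20.1 255.255.255.0
 ip access-group B-STAFF-IN in
!
interface GigabitEthernet0/0
 description WAN towards Company B
 ip access-group WAN-OUT out
```

These ACLs are stateless, so any ACL applied at the Company B end has to permit the matching return traffic. The explicit `deny ip any any log` entries make dropped flows visible in the router log, which helps confirm that only the agreed traffic crosses between the two companies.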
