Lab environment and access lists

Unanswered Question
Jan 17th, 2003
User Badges:

I've created a network lab environment and seperated it from my production environment with a 1605R router. I want only one or two workstations to be able to access the lab environment from the production side, which is not a problem. However, I also want to be able to access the production side from the lab environment and this is trickier. I need to be able to browse the production environment and access various machines from the lab but of course with my access lists only allowing a few machines IN to the lab I'm not getting the browse list nor can I access machines that are not allowed to access the lab via the access list. Any suggestions would be apprciated. Thanks

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
gfullage Sun, 01/19/2003 - 20:12
User Badges:
  • Cisco Employee,

Sounds like a job for CBAC (http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/scdcbac.htm).


You'll need the FW feature set, but this is exactly what CBAC is intended to do. You just "inspect" the traffic going out from the lab to the production network, and CBAC will automatically add lines to your existing inbound ACL that'll allow that traffic back in.

Actions

This Discussion