We have a star topology using eigrp and vrf's. We recently added a new site to our network. However what makes this site different from the rest of our sites is that its making use of another companies facilities and comcast connection The spare comcast connection terminate at all their buildings as well as our building. Its only a handful of users. The few users will use this comcast connection to access resources on our network off the 6509. please see diagram. They have connectivity but as of now no security on this connection. If someone from that company would plug computers in on that connection at any building where it terminates and use the same line those users are using they would gain access to our resources and network. What would you recommend for us to do to secure the connection and users. any suggestions would be great.
Actually the few users is the only folks that will have access to our switch. Im not concern about the switch I am concern about the
connection on the comcast box. Say connection 1 that terminate in the building where the users are also terminate in several other buildings which my building is one of them. If anyone from the other company plugs something into the comcast connection 1 they will gain access to our resources. How will NAC work on the comcast box?
So, is the question that you want to apply access control on the comcast device?
I am not sure how you would do that or what the device supports. Is it a Cisco device? What does it do exactly? Id it your ISP gateway? The 6509 could provide access control also. If comcast is your gateway, maybe ACLs on it will allow access to what you want.
Login to the FXOS chassis manager.
Direct your browser to https://hostname/, and log-in using the user-name and password.
Go to Help > About and check the current version:
Check the current version availa...
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...