Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

brand new LAN infrastructure setup: needs help.....

Hello,

I'm working on a brand new setup for my temple complex, and i need some guidance from you veterans. We have 5 different buildings within the complex and they all are connected from one main location via fibers to the 3560G switches. Here is the detail:

Setup details:

Management vlan: 1

192.168.111.254/24

Application: all network devices: firewall, switches, shop/DNs server

Dept-1 vlan: 100

10.10.40.254/24

Application: finance

Dept-2 vlan: 150

10.10.28.254/24

Application: audio/video components and access controls devices

Voice vlan: 200

172.16.1.254/24

Application: VoIP phones & server

Authenticated users vlan: 250

172.17.0.x-172.17.3.x/22

Application: for authenticated users

Public users vlan: 300

172.18.1.254/24

Application: for unlicensed/guest users

Hardware details:

1. Dell R710 server: This will serve as DHCP, DNS server for all vlans above. It will also be used as NPS/Radius Server.

4. Cisco ASA 5510 (1) : wil be used as firewall and the gateway to outside world, point the DHCP & DNS to the Dell R710 server above

5. Cisco Cat 3560G switches (6): main building requires two switches

Connectivity:

ISP> ASA5510> 48port 3560G copper sw>8-port fiber switch> to other 3560G switches to the other buildings

Dell R710 DHCP/DNS/Radius server(6-port nic, one for each vlan)

Sent from Cisco Technical Support iPad App

3 REPLIES
New Member

brand new LAN infrastructure setup: needs help.....

Sorry, please use this sketch.....

Purple

brand new LAN infrastructure setup: needs help.....

Is there a question in there somewhere ?

New Member

brand new LAN infrastructure setup: needs help.....

Sorry, continue to past two mesassages:

I want Management VLAN to commincate with all other Vlans but no communication permitted between VLANs.  Entire trafic will go out through Dell R710 server since we will be running MS forefront in it as well.

Questions:

1. Is this setup possible without a router?

If yes,

2.  Do I need to create VLANs in 3560G (seperate Vlan assigned to the 6 port to Dell R710) or ASA5510 (trunking the 6 Vlans between two ASA ports) ?

3.  Would ASA5510 be able to route the outside traffic for all VLANs? 

I'm open for any advice.

Thanks

227
Views
0
Helpful
3
Replies