I am an apprentice in my company and I should design & implement a „simple” infrastructure for apprentices in our company to test out nearly everything they want. For this purpose, I have a room with some racks.
The requirement for the infrastructure is:
Each bookable subnet should have access to the print- & file server.
The subnets should not interfere with each other. For example when one is creating a domain controller, the other subnet/network should not be affected by this.
Each subnet should have its own router. This is for learning purposes because, we can learn how to specify different settings (If this wouldn’t be the case, I’d use a level 3 switch
Content filtering should be activated
Optional: With each router and it’s subnet, a VPN connection could be implemented
I am thinking of using a Cisco ISR 892W as the main gateway/modem/router/firewall.
Now I have some questions for the realization of this project:
Do I need to enable “1:1 NAT” and when yes, which impact does it have for the network?
What do I need to configure that the subnets can communicate with the servers?
Is it possible, that the « Administration PC » in the 192.168.0.0/24 network can access the subnet to remote administrating the servers (for example over RDP or another technology). When yes what do I have to configure? Static routes?
When I am considering implementing a VPN connection for each sub router, is this possible? Are there some issues with NAT?
Do you have any other tips for me?
I'm still learning the whole networking sphere and would be happy if you can help me out