Situation: I created a 'guest vlan' on our network that will be used by NON-employees. This VLAN hands the user a DNS server and through a standard ACL allows all web browsing (to the internet) and all DNS lookups to that supplied DNS server.
Problem: What happens if a GUEST USER wants to VPN to his/her corporate network? How do I allow that without opening my network up any more than it is? When a guest VPN's to their corporate net they will get DNS and may need to connect to resources on their net that I am not allow access to in my ACL.
Any ideas are much appreciated. Thanks in advance.
[toc:faq]The ProblemOn traditional switches whenever we have a trunk
interface we use the VLAN tag to demultiplex the VLANs. The switch needs
to determine which MAC Address table to look in for a forwarding
decision. To do this we require the switch to do...
[toc:faq]Introduction:Netdr is a tool available on a RSP720, Sup720 or
Sup32 that allows one to capture packets on the RP or SP inband. The
netdr command can be used to capture both Tx and Rx packets in the
software switching path. This is not a substitut...
IntroductionOSPF, being a link-state protocol, allows for every router
in the network to know of every link and OSPF speaker in the entire
network. From this picture each router independently runs the Shortest
Path First (SPF) algorithm to determine the b...