Re: Network Topology/Configuration Validation

fmatrine · ‎04-23-2006

Hi,

We are implementing a Two-tier firewall architecture using Fortigate and cisco ASA-5500 series firewall for our internal network.

All the tiers will be redundant mode firewall (Active/Active)

First tier firewall (Fortigate) will host the WEB servers (Front end servers)

Second tier firewall (ASA-5520) will host the database (Back end servers) storage servers

Pls refer the attached security-setup-final PPT for actual topology.

Kindly Guide on the configuration in terms of :-

1) Routing protocol to be used (OSPF/RIP)

2) PRI dialup config (DDR) design for branches

3) Firewall design validation

4) IP Scheme validation (Attached)

5) Wan setup termination point

Pls suggest if the proposed setup and related IP scheme will work seamlessly

Regards

beth-martin · ‎04-28-2006

OSPF could be a better choice ,

For DDR configuration try this link

fmatrine · ‎05-02-2006

Hi,

How many OSPF areas should be created.

For Primary and DR site.

Should both the site be configured in area 0 or different area.

Also should we use single subnet for dialup (ISDN-BRI) for backup or should we use point to point subnet for each dialup location.

Primary link will be channelized E1.