Hi Our corportate network runs on a cisco based MPLS system. We have 2 ASA Cisco Firewalls which support our internet connection and VPN access. We are now being asked to open up a number of very small kiosk style stores that basically with have 3 or 4 terminals that provide internet access to the public and 2 or 3 devices that will be standard corporate PCs that will only be used by employees.
We are wondering what would be the best way from a network point of view to provide this. And are thinking that maybe we should get ADSL installed at the store. And then we were wondering if you could install a Cisco 800 router with its integrated switch and then configure say ports 1-3 to go straight out to the internet without connecting to the corportate network and the remaining ports would be configured to give a constant VPN connect either through our ASA or straight into our MPLS network.
The thing we don't know if techinically you can do this. Anyone know or have any suggestions?
You can do this by creating two subnets (VLANs) on the 800 router. Create a nat statement that NATs the subnet you want to give Internet access. Create a crypto map that only tunnels and encrypts the other subnet that requires access back to corporate. I haven't used the ASA appliances yet, but have done this with the VPN3000 concentrators (acting as a hardware client) as well as to IOS routers (GRE/IPSec). So far this has worked well for up to about 6 users behind an 871 for us.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...