Looks like you have a great deal of work to do.
1st thing, DNS servers are very rarely private. If these are internal
servers, they they can have NAT'd IP or only have certain network segments
to which they will answer queries. If these DNS servers are for public use
(hosting internal/external domains) public access will need to be available.
----- Original Message -----
From: "Hemant Kumar" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Wednesday, October 11, 2000 12:15 PM
Subject: Extranet Network using Cisco 7206 F/W & N AT
> Hi Everyone,
>
> I need your expertise to design our extranet network. Following is the
> scenario:
>
> 1. We have 3 external companies that we want to connect to our internal
> network.
> 2. We do not want to give full access to our network. We want to have
> control on what external customers see on our network. However we do want
> our DNS to be accessible by the external companies.
> 3. For 2 of the company, we are going to provide the routers. The other
one
> is going to provide their router and hence we do not have any control of
it.
> 4. We have bought Cisco 7206 router with IOS Firewall feature set to build
> this extranet network
> 5. For 2 of the company, the IP address overlaps with our ip address
range.
> 6. Companies will be connected using T1, Frame relay and ISDN.
>
> Possible Solution
>
> 1. Cisco 7206 can provide firewall features so that we can selectively
allow
> services to external companies.
> 2. Cisco 7206 NAT feature can be used to translate address (for
overlapping
> addressing)
>
> Question:
> 1. I have very little experience with NAT & IOS firewall. How will I be
> able to do multiple nats on cisco 7206. I know I can do it if I had 2
> connections (inside & outside). But we have 4 connections (one inside ;
and
> 3 outside : S0; S1 & BRI1). How will nat handle this?
> 2. Have any one of you worked with NAT doing similar kind of things? I
> would appreciate if I can get some configures and explanation on its
> operation.
> 3. Do you guys have a better solution than this?
>
> I will appreciate your comments and inputs on this subject.
>
> Thanking you all in advance
> Hemant
>
>
>
> _________________________________
> FAQ, list archives, and subscription info:
http://www.groupstudy.com/list/cisco.html
> Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
_________________________________
FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html
Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
