Hi Kelly, You are absolutely right, and I love your strategy. That is the way I did it 2 years ago, but the only thing now is finding a vpn solution for the Macs. I used Pix for the PC's last time round but never had to do this for the Mac's. Any ideas?
>From: "Kelly Cobean" >Reply-To: "Kelly Cobean" >To: [EMAIL PROTECTED] >Subject: RE: Here we go again ( Pix 515) [7:49492] >Date: Wed, 24 Jul 2002 02:18:38 GMT > >Man, you aren't asking much, are you? ;-) > >Ok, here's the order I'd do things in... > >First things first, get that firewall in place. You don't list what their >internet connectivity is, but if they bought a PIX, it's safe to assume >that >they have a persistent connection, and that being true, they're really >hanging it out there for someone to cut off, so to speak. Network security >is always a primary concern, and the firewall won't take alot of time to >set >up. Not setting it up could be very costly. If they already have a >light(er)-weight firewall like a Linux host running IP chains or IP tables, >replacing this first will save your users down-time later because you can >pre-configure your internet rulebase/access in preparation for your private >addressing. > >Next, I'd do the DHCP and Private Addressing. These go hand in hand, and >since your firewall is now in place, you can do the NAT/PAT translations as >needed and not have to rethink these later. > >Third, get Exchange up and running. If it's going on a different system >than Quick mail is running on, great! Now you can get them running in >parallel, and move users accounts over one at a time or in batches. There >are probably tools out there to do the mailbox format conversion. Now that >your network is secure at layer3/4, you can focus on the nitty-gritty of >the >user data. (Oh yeah, don't forget that backup!!!) > >It's a 10,000 foot view, but that's how I'd do it. I'm not really a MAC >guy, but I'd venture a guess that most or all of your MAC's run TCP/IP and >support DHCP, so from an L3/4 standpoint, they're really no different than >your PC's. > >When doing multiple projects like this, I tend to work along the OSI model. >If the wiring is horrible, or the NIC's are all old 10Base2 nics and have >transceivers to hook them to your BaseT network, take care of the layer 1 >stuff first. Next, if the network is all unmanaged hubs, and your network >is one gigantic broadcast domain, start installing switches to quiet down >the network. Next, get VLANs/routing/security in place for Layer3/4. >Next, >work on the "upper layers" where all of your apps and data live and talk. >Just my $0.02 worth. > >HTH, >Kelly Cobean, CCNP, CCSA, ACSA, MCSE, MCP+I >Network Engineer >AT&T Government Solutions, Inc. > >-----Original Message----- >From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of >Kevin O'Gilvie >Sent: Tuesday, July 23, 2002 9:07 PM >To: [EMAIL PROTECTED] >Subject: Here we go again ( Pix 515) [7:49492] > > >Dear All, > >I am jumping into a similar mess as when I started at my current company, >but this time the Macs out number the PC's. Well here is the scoop: >180 Macs >50 PC's >Static Ip's >No DHCP >No FW >Quick Mail Server >and a whole bunch of other nasty things.. >- They just purchases a Pix 515 >- They just bought Exchange 5.5 > >My projects are: >Set up DHCP >Set up Pix >Set up Private Addressing >Set up Exchange >Migrate them from Quick Mail >etc etc >I have done this before but maybe you guys can help as to how I should go >about this the quickest. > >Thanks, > >Kevin > > >_________________________________________________________________ >Send and receive Hotmail on your mobile device: http://mobile.msn.com _________________________________________________________________ Send and receive Hotmail on your mobile device: http://mobile.msn.com Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=49522&t=49492 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]