I think this is a tough one.
Client currently has a large number of users dialing in to a bank of Cisco AS5300s. They are accessing a VMS application via LAT. The VMS server is local (on the other side of a switch) right now. Obviously LAT is currently enabled on the 5300s.
Desired option: - migrate this bank of 5300s into a DMZ of a pair HA PIXs (running 6.0). To connect to the VMS server from this desired location, traffic would go from the DMZ subnet to a lower security interface (note: not Ethernet0), to a Cisco 2524 across a point-to-point link to another Cisco 2524, to that same switch and hit the VMS server.
The PIX can’t route LAT, so CAN the AS5300s translate LAT to TCP (Telnet) to get to the VMS box (note: the VMS box does have IP bound to it and does support telnet).
The Cisco documentation on this is very confusing, ergo if the 5300s can do this, do we need the Enterprise version of the software.
Option two: Stick the 5300s in the same subnet as the 2524 router and do protocol translation across the point-to-point links. The problem is (I think) you need the Enterprise feature set of the IOS software for both routers ($1400 per)
I am missing something here. (And the need for LAT goes away in four months, but is mandatory now).
Here is a confusing Cisco doc on this:
http://noc.relcom.eu.net:8081/cdrom/data/doc/software/11_2/cas/3clat.htm
Comments,
TIA
Ben
