Wednesday, October 17, 2007

VPN Trouble

The original model for the network in our office was going to be using contextual mode. It turns out that the ASA series firewalls don't support VPN through contexts, or at all with the firewall when you have it switched to multiple mode.

I'm having to rebuild the firewall completely from the ground up. Also added a DNS server and an Exchange server to the list of items to be built. The Exchange server will be for our internal domain only; it won't have an internet-facing side. The DNS server is built so that VPN clients connecting remotely to the internal domain can resolve the internal names.

Active Directory will also be set up to support Windows NetBIOS names. This is a lot more than was initially planned, but it should work. The next step after setting all of this up is to segment the network using VLANs and write ACLs to restrict access to particular network segments.

Also, I want to have the servers isolated from the internet completely, excluding update.windows.com, so that they can patch themselves.
