Re: Campus Lab [7:102020]

From: Vazman (vazman@gmail.com)
Date: Wed Aug 17 2005 - 00:49:36 GMT-3

• Next message: Church, Chuck: "RE: IPv6 NAT-PT IOS Image"
• Previous message: Brian Dennis: "RE: Connect to NM-4A/S"
• Maybe in reply to: Muhammad Saleem: "Re: Campus Lab [7:102020]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Just use an interface on your corporate pix (sort of a DMZ) for the
lab. This way the lab traffic will never transverse the corporate
network. If you have physical connectivity limitations, then you can
simply use a router with an ACL to only allow http traffic.

HTH

On 8/16/05, cacca mucca <caccamucca@hotmail.com> wrote:
> You can put there network outside of the firewall.
>
>
> >From: "Muhammad Saleem" <msaleems@gmail.com>
> >Reply-To: "Muhammad Saleem" <msaleems@gmail.com>
> >To: "Duncan Kevin" <ciscokevin@hotmail.com>
> >CC: "Cisco certification" <ccielab@groupstudy.com>
> >Subject: Re: Campus Lab [7:102020]
> >Date: Tue, 16 Aug 2005 23:29:33 +0300
> >
> >Microsoft ISA server 2004 would be a better and cheap solution, you can use
> >it with three network cards first connect to the Corporate secure LAN,
> >second will be connected with student Lab switch and third one will be
> >connected with Internet.
> >
> >Then student will be able to access only Internet NOT the corporate network
> >but you can easily watch the LAB if u want, if u want more details don't
> >hesitate to ask.
> >
> >
> >
> >Muhammad Saleem
> >
> >Networks Manager
> >
> >KFUPM, KSA
> >
> >Mobile: 00966-508205722
> >
> >
> >----- Original Message ----- From: "Duncan Kevin" <ciscokevin@hotmail.com>
> >To: <cisco@groupstudy.com>
> >Sent: Tuesday, August 16, 2005 10:29 PM
> >Subject: Campus Lab [7:102020]
> >
> >
> >>Have a situation here im not sure about...
> >>
> >>On a campus network we are going to setup a practice lab for students with
> >>it own Win 2003 Standalone/DHCP server and own subent for lab scenarios
> >>and
> >>want these lab computers to only be able to surf internet and not acess
> >>the
> >>rest of campus network just get out to net through the campus PIX... We
> >>are
> >>considering putting in another firewall
> >>betwen us and the lab and only allow HTTP traffic to pass into our network
> >>so it can be routed out (nat the inside wich is the lab and a static
> >>address
> >>on outside interface to our network)... is this possibe with PIX or
> >>Sonicwall or is there a better soultion to accomplish this... any advice
> >>is
> >>welcome....
> >>
> >>Thanks in advance from Texas......
> >
> >_______________________________________________________________________
> >Subscription information may be found at:
> >http://www.groupstudy.com/list/CCIELab.html
>
> _________________________________________________________________
> FREE pop-up blocking with the new MSN Toolbar  get it now!
> http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Church, Chuck: "RE: IPv6 NAT-PT IOS Image"
• Previous message: Brian Dennis: "RE: Connect to NM-4A/S"
• Maybe in reply to: Muhammad Saleem: "Re: Campus Lab [7:102020]"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:01:19 GMT-3