both ----- Original Message ----- From: "Martin Blackstone" <[EMAIL PROTECTED]> To: "NT System Admin Issues" <[EMAIL PROTECTED]> Sent: Friday, September 28, 2001 11:24 PM Subject: RE: Router connection issue
> What type of interface does the Netscreen use? > Command, Web, ? > > -----Original Message----- > From: Keith Johnson [mailto:[EMAIL PROTECTED]] > Sent: Friday, September 28, 2001 8:05 PM > To: NT System Admin Issues > Subject: Re: Router connection issue > > > One firewall with DMZ & no other equip needed. Netscreen 10 would work. > Ext interface to router, Int interface to your LAN, DMZ to other LAN. > This would give you firewall protection between all interfaces plus NAT. > Around 3k. > > The real problem will be...what to do with the leftover Cisco 1720 & T1. > Saved enough to pay for the new firewall in 60days. > > Keith > > > ----- Original Message ----- > From: "Greg Page" <[EMAIL PROTECTED]> > To: "NT System Admin Issues" <[EMAIL PROTECTED]> > Sent: Friday, September 28, 2001 10:40 PM > Subject: RE: Router connection issue > > > > The 1720's only support one WIC, so I think your only option is to get > > > a switch (catalyst 2912 comes to mind) where you can set VLANs up and > > hang firewalls between the two companies. You get the connectivity > > with the protection, but it will not be free. > > > > Greg > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > Sent: Friday, September 28, 2001 5:37 PM > > To: NT System Admin Issues > > Subject: RE: Router connection issue > > > > > > > > Basically, we have two fully functional networks, both with Cisco 1720 > > > routers. We want to keep the networks separate and only want to be > > able > to > > use a single T-1 instead of separate T-1s. Both routers and T-1 > connections > > are in the same wiring closet. What I would like to do is use some > > sort > of > > switch for both routers to plug into and from the switch, plug into > > the single T-1. We originally had their network connected to our and > > had all sorts of issues between our NT4 servers and their Win2K > > servers, which is why they went with a separate router and T-1. > > > > HTH, > > Pat > > > > Pat Marshall > > Systems Administrator > > Microsoft Certified Professional > > Flying Rhinoceros > > 1440 NW Overton Street > > Portland, OR 97209 > > (503) 552-8700 > > (503) 221-7282 (Fax) > > > > > > > > > > > > Steven.Beckwith@lsa > > > > -assoc.com To: "NT System > Admin > > Issues" > > > > <[EMAIL PROTECTED]> > > 09/28/01 02:01 PM cc: > > > > Please respond to Subject: RE: Router > > connection issue > > "NT System Admin > > > > Issues" > > > > > > > > > > > > > > > > > > > > I don't know what a white Russian is but it sounds good for a Friday. > Don't > > start a whole discussion on it - enough noise already. > > > > > > 1) the T-1 is a digital line that connects to a CSU/DSU (serial > connection) > > on your router. As Jason points out, CSU's can be internal or > > external > and > > I suspect you have an internal WIC card similar to his set up which is > > > why there may be confusion. > > > > > > Although you may have an RJ-45 connector and a regular patch cord (you > could > > actually use a regular phone line), it is NOT an ethernet type > > connection, so only one router can host this connection (You could opt > > > for a THIRD router in your solution). > > > > > > 2) you are also going to need to know about how many "real" (outside) > > IP addresses you have and whether you intend to "share" them (NAT - > > Network address translation) or whether you will "redirect" them (PAT > > - Port > address > > translation). > > > > > > A few other questions come to mind. Is there any inbound traffic that > needs > > to be directed to a specific box (www, smtp) i.e. Do you or the other > > company want to have exchange servers or web servers accessible from > > the internet (in which case you will need dedicated static outside IP > addresses > > for each service) or do you both still get mail via pop3, (in which > > case maybe you can get by with NAT). How many nodes each office, what > > > types of routers are these? > > > > > > I like the idea of sharing resources to keep costs down, but I need to > > > say AMEN to the Firewalling suggestion, esp. to protect your network > > from > theirs > > and vice versa (as well as obviously - the outside). > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > Sent: Friday, September 28, 2001 1:30 PM > > To: NT System Admin Issues > > Subject: Router connection issue > > > > > > > > > > > > -----Original Message----- > > From: Jason Morris [mailto:[EMAIL PROTECTED]] > > Sent: Friday, September 28, 2001 1:47 PM > > To: NT System Admin Issues > > Cc: '[EMAIL PROTECTED]' > > Subject: RE: Router connection issue > > > > > > > > > > > > Where is the csu/dsu in your layout? You need one of them to talk > > from > the > > > > t1 to the router. All of my routers were purchased with the WICT1-DSU > built > > in so I just terminate there. If you have an external csu like from > Adtran > > > > you need the cable going from the csu to the router, depending on the > > interface. > > > > > > Here's what I would recommend to segment the networks from each other. > Make > > sure your router has 2 ethernet ports, set one port up on their > > network > and > > > > the other on your network. Setup a loopback port and route anything > > going from network A to network B to that loopback and vice versa, but > > > anything going to and from the Internet would be routed properly. > > > > > > Also....it's really really really necessary to setup some sort of > firewall. > > > > Perhaps that's where you can do your routing from network to internet. > Setup > > a Linux box with 3 NICs, 1 for each network and 1 for the internet > > router. Setup the firewalling and away you go. > > > > > > If you need more help, feel free to contact me directly. Jason Morris > > CCDA CCNP Network Administrator > > MJMC, Inc. > > 708-225-2350 > > [EMAIL PROTECTED] > > > > > > > > > > > > -----Original Message----- > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] > > Sent: Friday, September 28, 2001 3:30 PM > > To: NT System Admin Issues > > Subject: Router connection issue > > > > > > > > > > > > > > Hi Everyone, > > > > > > I've been a lurker for quite a while (learning bunches), but now I > > have a problem that totally confounds me. > > > > > > There are two companies in the building where I work. Each company > > has a separate network connected through a separate Cisco router to a > > T-1. For financial reasons, the two companies have agreed to share a > > single T-1. > What > > I would like to do is have a switch that both routers plug into, and > which > > then uplinks to the single T-1. We do not want to co-mingle the > > networks. According to Cisco's documentation, it is a straight-through > > > cable from > the > > router to the T-1. If I connect the switch or a hub between > > > > our router and its T-1, I get an alarm on the router and no connection > > > lights on the switch/hub. I've also tried using a crossover cable > > with > the > > > > same effect and have tried using/not using the uplink port on the > > switch/hub. Have also tried restarting the router between connection > > changes. What am I missing? I'm ready to give up and head to the > > nearest bar for a pitcher of White Russians. > > > > > > TIA, > > Pat > > > > > > Pat Marshall > > Systems Administrator > > Microsoft Certified Professional > > Flying Rhinoceros > > 1440 NW Overton Street > > Portland, OR 97209 > > (503) 552-8700 > > (503) 221-7282 (Fax) > > > > > > > > > > > > > > Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub > > Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ > > Confidential: This e-mail and any files transmitted with it are the > > property of Lanco International and/or its affiliates, are > > confidential, > and > > are intended solely for the use of the individual or entity to whom > > this e-mail is addressed. If you are not one of the named recipient(s) > > > or otherwise have reason to believe that you have received this > > message in error, please notify the sender at the above e-mail address > > > and delete > this > > > > message immediately from your computer. Any other use, retention, > > dissemination, forwarding, printing or copying of this e-mail is > > strictly prohibited. > > > > > > Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub > > Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ > > > > > > Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub > > Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ > > > > > > > > > > > > > > > > > > Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub > > Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ > > > > Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub > > Need a good FAQ? Try this one first: > > http://www.ultratech-llc.com/KB/ > > > Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub > Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/ > > > Want to unsub? Do that here: > http://www.w2knews.com/rd/rd.cfm?id=unsub > Need a good FAQ? Try this one first: > http://www.ultratech-llc.com/KB/ Want to unsub? Do that here: http://www.w2knews.com/rd/rd.cfm?id=unsub Need a good FAQ? Try this one first: http://www.ultratech-llc.com/KB/
