Are all the facilites going to have public address space(ip addresses)? Or will all the facilities lines run to a main complex and hit the internet from there?
Drawing from what you have said, it seems like it will be the first of the aforementioned choices. In this case you would need to figure out an ip scheme and determine if you want a firewall or all the clients to have public ip addresses. I would recommend a firewall at each site and all of your clients behind that firewall and then vpn/gre tunnels to each branch office. With a *nix box (freebsd or netbsd preferrably) this can be done easily. Setup the firewall/NAT on the bsd box at each site. Pretty easy to do, as I have consulted for people doing it here in my city. There are a lot of options you can go with, all dependent upon how much $$$ you have to invest. Cheers, Eric Six -----Original Message----- From: Kirk Ellsworth [mailto:[EMAIL PROTECTED]] Sent: Monday, February 25, 2002 10:43 AM To: [EMAIL PROTECTED] Subject: Network and Security help I have a client that is install high speed internet into a few building and leasing the units out. I am putting a Cisco firewall into the leasing office, and using a managed Cisco switch as well. There will be a large amount of units and security from unit to unit is a concern of mine. Does anyone have a suggestion on the best way to do this? Do I add a DHCP server to the leasing office or do I let the router assign IPs? What do I need to consider if I only want the units to reach the WAN via the T1 router and not have any access what so ever to other units? Also if I have 10 buildings with leased units in each what would be the best way to subnet these buildings. What other mail groups should I send this to? Anything will help here. Thanks in advance ke
