expert s view on the network infrastructure

Hello people!

I would ask the view to configure the topology of a network to the next requirements:

-J' have two sites: the headquarters and data center site.

-In the seat, I have a cisco ASA 5510

-The requeriments of device of the site data center (not yet acquired) are:

-> The network interfaces three to form a demilitarized zone. a single interface would be connected to WAN, other would be connected to the DMZ and the last would be connected to the internal LAN.

-> This device must allow connections for mobile users.

-> A connection VPN site-to-site must be authorized from Headquarters.

-Requeriments of the security are:

-> VPN, connections are allowed with the direction to the DMZ.

--> Traffic between the internal machine to DMZ and LAN ports are allowed.

--> Traffic from the internet to ports 80/443 of a DMZ machine is allowed.

-High availability data center website.

For now, I'm worrying about the site to site VPN connection:

A single point to point VPN with Gre over IPSEC, the use of static routing would be a good solution?

Someone told me that the ASA 5520 device in the data center site is the best option, what is your opinion about that?

I have seen software SDM to configure the device, is sufficient to set up the device with the requeriments or CLI is better?

Thank you for your comments!

If you use the gre with static route you can do or any dynamic routing you can make up the tunnel always

with shoud ipsec static route only point the to the public ip address to visit remote as of the next hop and the tunnel will come when United Nations interesting traffic matching ACL ACL crypto plan

STP with HSRP work in traffic going from L2 to L3, you must ensure that the HSRP active device is the root bridge as well

Good luck

If useful rates

Tags: Cisco Security

Similar Questions

  • Unknown to router in the Network Infrastructure

    Hello

    There is a unknown router which is not mine not appearing in the Network Infrastructure.

    I understand why it show up under available wireless networks. But not the network infrastructure.

    I have not connected to it, is not my router, and it is not there. It is a little disconcerting, to say the least.

    Here is a screenshot:

    http://www.imagebam.com/image/2ed1ec73539535

    Cisco Wireless VPN router - N is mine.

    WNR1000v2 isn't.

    Is this a security risk? Why is this, and how do I get rid of him?

    Thank you.

    (Essentially the same problem as this):

    http://social.answers.Microsoft.com/forums/en-us/w7network/thread/34a7d2d7-1498-43C9-ACEC-2bc8a7087613

    OK so I would like to know what criteria determines why a router is listed in the network infrastructure... and how to get rid of him?

    Why is windows 7 this? It makes no sense at all...

    Can't really answer. I can only say that turning on the Details view for the page shows that the alien router isn't listed in my network location. A network infrastructure device is that in theory I 'could' connect to research a little further into the router configs (properties because it gives model, series No, MAC address and unique identifier #) indicates that the owner has set up to use WiFi Protected Setup to allow wireless devices to connect (requiring a fixed number of pine).  So, if I had the PIN to the router, I was able to connect to its network. Maybe that's why it appears. If your mystery router is configured in the same way, this could be a further indication as to why these routers being listed in the title of the Network Infrastructure while all other neighboring routers are not.

  • Why are there two routers listed in the Network Infrastructure?

    I have a Linksys WRT54G2 router, but sometimes when I look at my network in the control panel it shows an extra router, that router ghost appears in the title of the Network Infrastructure. It's a WRT160N. Sometimes it's there, sometimes it isn't.

    I have Windows 7.

    Why this is part of my network? Should I be worried? How can I stop it arise?
    Here is a screenshot of the problem:

    Hey DavidVX,

    I found a few other similar topics you can check below:
    On a thread, the user was able to match the MAC address of the window of the Network Infrastructure to an open wireless network (unprotected) nearby. This seems to be the case for multiple threads, I found elsewhere on the internet.
    Given that I have found so many other similar threads on the same issue, I would consider it is safe and I would just ignore it.
    If I find a solution to them, I'll let you know!

  • The network infrastructure for a stand-alone server or a Cluster Network Infrastructure?

    Hello

    I want to install a single instance database and I want to use ASM.

    My setup is now just one node but in the future probably it evolve on several nodes.

    So, can I use the Network Infrastructure for a Cluster to a single node, or I have to use a stand-alone server network infrastructure?

    Concerning

    If you later plan ro use more than one server to install the cluster network infrastructure. It is possible to install on a server.

  • RalinkAPS wifi chipset appears in the network infrastructure

    I just noticed a device appear in my 'Network Infrastructure' called RalinkAPS. I didn't have it there a week, I've been doin a little bit of research and it could be the chipshet of wifi on my router?

    The router is a Thomson/Technicolor TG585 v7; or would it be an ad-hoc link somehow to the router?

    Hello

    The APS Ralink is a WiFi chipset on the router.

    RALink chipsets are used in various consumer-grade routers made by Gigabyte Technology, Linksys, D-Link, Asus and Belkin, as well as adapters Wi - Fi for USB, PCI, Express Card interfaces, PC and PCI Express cards.

    For more information about Ralink see the link below.

    http://www.ralinktech.com/about-us.php

  • Final result of the Installation of network infrastructure

    Version is > 11g Release2
    OS = > Dim 5.10
    Number of nodes == > 2

    When I finished the installation of grid Infrastructure Software", the YES program copies all the files binary grid Node2 as well. Right?

    Should ORACLE_BASE and ' software localization "(une sorte de ORACLE_HOME pour grille) on the same directory paths on both nodes?".

    After the installation of the Network Infrastructure, I can create an ASM instance to create groups of ASM disks for data files. Right?

    Hi Haiti,

    When I finished the installation of grid Infrastructure Software", the YES program copies all the files binary grid Node2 as well. Right?

    If you have configured during the installation of node2 part of the cluster. Right.
    >

    Should ORACLE_BASE and ' software localization "(une sorte de ORACLE_HOME pour grille) on the same directory paths on both nodes?".

    Right.

    After the installation of the Network Infrastructure, I can create an ASM instance to create groups of ASM disks for data files. Right?

    If you have not configured the DSO during installation, you can use ASMCA to create and config instance ASM.

    Kind regards
    Levi Pereira

  • Problem on installing network infrastructure - SCAN name and IP addresses

    People,

    Hello.
    I was installing RAC Oracle Database 11 g 2 system with 2 Virtual Machines (rac1 and rac2) in 3 VMPlayer.

    I set up ASM. Now, I want to install the network infrastructure for rac1 and rac2 using runInstaller.

    I type in 'rac-cluster' in the name of SCANNING box in the wizard.
    According to my understanding, SCAN IP addresses are used to connect to the shared database. 3 IPs SCAN for shared rac1, rac2 and DB are automatically assigned during the installation of the network infrastructure. I need not specify IP SCAN 3 addresses in the file/etc/hosts.

    But when installing on step 3 of 8 grid infrastructure, the wizard appear this error message:

    "Invalid name SCAN - insoluble in IP address. SCAN name: rac-cluster cannot be resolved. »


    Any folk that understand how to solve the problem above (name SCAN & IPs) on step 3 of 8?

    Thank you.

    Hello

    YES requires the SCAN name. SCAN name is the host name.
    Without DNS, you can set the name of the SCAN on the file/etc/hosts.

    The hosts file can resolve the IP address only 1 for 1 hostname.
    Specify a SCAN name on your file hosts of two nodes (same IP address).
    And only one resource SCAN VIP will be created.

    ex.
    $ grep rac-cluster/etc/hosts
    192.168.1.100 rac-cluster
    * the two node address

    And specify 'rac-cluster' on the name SCAN of YES.

    Good luck.

  • When I perform a net view on, I get the error system error 51 next. Windows cannot find the network path.

    Net 51 with a view system error

    I have two boxes of Windows XP that I login as administrator account. I was able to synchronize files, map network drives and can do a tracert to reach one of them.

    However, when I perform a net view on, I get the following error

    51 system error has occurred.

    Windows cannot find the network path. Make sure the network path is correct and the destination computer is not busy or turned off the coast. If Windows still can't find the network path, contact your network administrator.

    How to make this command work?

    Hello

    ·         Your computer is on a domain network?

    Follow the steps in troubleshooting this article and check if that helps:

    You cannot access shared files and folders or browse computers in the workgroup with Windows XP

    http://support.Microsoft.com/kb/318030

    See also this article that resembles the same error.

    Error when you try to access shared resources on a computer that is running Windows 2000 or Windows Server 2003: "53 system error has occurred" or "51 system error has occurred."

    http://support.Microsoft.com/kb/259878

  • Computer description not found when I go to the network view

    I use Windows 7 on a machine here and I noticed that when I go to the network view, I don't see the Description of the computer column. It is very important that we call our by serial number of the pc and the computer Description is the description more detailed that the computer belongs to. I really hope this is feasible and someone knows how to set this option. If anyone has any ideas on this please let me know.

    Hello

    The question you have posted is related to Windows 7 in a domain of work environment and would be better suited to the TechNet community.

    Please visit the link to find a community that will provide the support ask you: http://social.technet.microsoft.com/Forums/en-US/w7itpronetworking/threads

    I hope this helps.

  • After uninstalling the grid Infrastructure: virtual host name [INS-40912] assigned to another system on the network

    Hello

    I deleted successfully installed grid Infrastructure software. Now, I installed again it but the installer complains about '[INS-40912] virtual host name assigned to another system on the network", which he complains not in the first installation process. :/

    EDIT: I checked and both nodes of the cluster are interpingable through their virtual IP address.

    I see that the previous installation has created a clean interface for this virtual IP address:

    eth0:2Link encap HWaddr 00:50:56:B9:0E:AA
    INET addr:10.200.11.159 Bcast:10.200.11.255 mask: 255.255.252.0
    RUNNING BROADCAST MULTICAST MTU:1500 metric: 1
    Basis of interruption: 19 address: 0x2000

    OK solved: I just do:

    ifconfig eth0:2 down

  • Get airport utility to forget the other devices on the network view

    Hello

    Is it possible to get the Airport utility to forget other devices, it's on the graphic display? I live on a college campus so it displays about 15 other aircraft from the airport in the vicinity of my home and I would like to see it just mine! When I was updating the name and password on my base station, Airport utility gave me the option when I clicked on the other devices to 'Forget' them, but as soon as I close, then reopen the Airport utility all return and the only option I have to then when I click on another device must enter the password for it (which of course) ", I do not have).

    Outside him cluttering up the graphic display, I wonder whether, if all these devices are recognized as part of 'My network', is sometimes interfere with my access internet and wi - fi as the speed and the same connection seem to go up and down like a yo-yo (sometimes up to 90 Mbps but also weaker than 0.05 Mbps - less than the old dial-up!). I have been informed by our IT Department University detects a problem with your local network, it can "bleached you' which cuts or slows down your connection into a net - and if all these devices are considered by Airport utility as part of my network so I'm guessing that a problem in one of the base stations that could affect the rest.

    So, is it possible to get just the Airport utility will display only my own base station (Airport Extreme) over a wi - fi (Airport Express) extension?

    Excellent question...

    First airport utility keeps a history of all the airports that he never sees and even if you select forget he never forgets... you need to dip down and remove the plist... as with all things Mac.

    / Users/youusername/Library/Application Support/Apple/AirPort/SavedTopos/Topo-nIfc=en0,nHsh=00000000.plist

    There are a lot of them dated for every time the network topography change. Close airport utility and delete the entire lot... a new will be created when you restart.

    What OS you are using... There is an option... but I'm not sure it works... to show only devices you set up.

    So, open airport utility preferences. Click monitor airport basestations for problems... then don't watch that airport base stations which I configured... Tell me what happened to him.

    Outside him cluttering up the graphic display, I wonder if, if all these devices are recognized as part of 'my network ',.

    No, it's just the airport utility is a bit too excitable to find other airports of apple around the place and wants to watch all the...

    They are not part of your network... but in small areas Wireless will cause problems... it, without doubt. Most of the colleges banning people who run their own wireless routers because the result is what you feel... CHAOS.

    There are 3 channels for 2.4 ghz and perhaps 6 or 7 for 5 GHz Wireless AC must so much bandwidth, you have more than 3 or 4 channel without overlap... This means that for every 3 airports you have exhausted all channels... (and all airports after it's battery on the mill).

    15 other aircraft from the airport in the vicinity of my home

    So that means at least 5 airports are run on the same channel you are on average. Wireless was never designed to ensure that the density of life. It's only the airports... think how no apple routers wireless there's around you that are not displayed.

    Open any program wireless diagnostic... There is a built-in to your Mac. see how many names wireless mac can pick up.

    I highly recommend that you stick to the use of the 5 GHz band using a different name... and choose depending on the channel works best for you. No Auto and just stick...

    You'll never find that it works without problems... but there is no doubt that life is easier if people started to build a faraday cage to live in or used ethernet.

  • Why can't I view the network icon in my notification area?

    Network icon displays only not on the taskbar. Have you tried right clicking on the taskbar, where I chose 'Properties', then 'notification area '. When he shows the four tickboxes to "system icons", the 'network', we turned gray and when I try to check the box, nothing happens.

    Hello

    There are different ways to fix it

    read all the information on the link below

    Try Method 3

    Method of reading 3 etc. in the link below

    How to enable or disable the Notification area system icons in Vista

    http://www.Vistax64.com/tutorials/106787-notification-area-system-icons.html

  • Change the computer name in the network discovery, view old and new names and get error code 0 x 80070035

    I changed the computer names of computers each with windows 7 and a home network sharing. Network discovered each poster now the old and new names. I also have an error code 0 x 80070035.

    How can I get rid of the old names?

    Hello

    Are you able to access computers using the names?

    Step 1: Check out the link to learn how to delete the old name and create a new name:

    Change the name of your computer:

    http://Windows.Microsoft.com/en-us/Windows7/change-your-computer-name

    Step 2: Refer to the section below for more information to correct the error 0 x 80070035 and steps.

    Open the homegroup troubleshooting utility

    http://Windows.Microsoft.com/en-us/Windows7/open-the-HomeGroup-Troubleshooter

    Error 0 x 80070035 appears if you are not able to access the network computer. Follow the instructions in the thread below if you are faced with a similar question:

    http://answers.Microsoft.com/en-us/Windows/Forum/Windows_7-networking/Windows-7-error-0x80070035-when-trying-to-share/d8168c72-D51C-41C3-8B8F-3b6bb7f65f43

    It will be useful.

  • How to view traffic on the network for window icon 7?

    In XP, whenever there is network traffic, the network icon flashes, but it does not Flash in Windows 7.

    I would like to know how do network icon flashes on window 7.

    Does anyone have any suggestions?

    Thanks in advance for your suggestions

    This is a small app that will do it for you.  It does not need to be installed, just 'run' or 'open' the file and you will see the icon.

    I keep in my folder of OneDrive public to share with others.  You can get it here:

    Indicator of status bar of the network for Windows 7, 8 and 8.1

  • When you try to view the networking of the Explorer, my explore crashes and windows have no reason why.

    I am currently running Windows 7 home, and as the title suggests, whenever I try to access the network in Windows Explorer, it crashes. Does it as well as I'm in safe mode with network. Any help will be welcome.

    Hello

    1. What is the accurate and complete error message you get?
    2. don't you make changes to the computer before the show?

    Method 1
    I suggest you try the steps from the following link:

    Windows Explorer may hang in Windows 7 or in Windows Server 2008 R2
    http://support.Microsoft.com/kb/2515325

    Method 2
    I suggest you run virus scan online by using the Microsoft safety scanner.

    Microsoft safety scanner
    http://www.Microsoft.com/security/scanner/en-us/default.aspx

    Note: when you do an antivirus online, you will lose data that are affected by the virus. Microsoft is not responsible for the loss of this data.

Maybe you are looking for

  • T440s is not awaken from its slumber

    I got a new T440s about 2 weeks and sometimes it is not wake up once he starts in mode 'sleep'. He is stuck on a black screen and the mouse cursor is visible, but moving the mouse or pressing keys on the keyboard does not wake up. When this happens,

  • MacBook Pro battery

    Hi all I have a serious problem with my Macbook Pro bought in February 2011 In recent weeks, the battery was not load correctly, or the laptop came into fashion 'sleep' to 40% or 50%, so I had to use my phone still plugged in, when it's on. Lately, o

  • problem with printing on wireless network

    Hello. I have a HP psc 2410 all-in-one printer. I recently bought a modem router that has a function called "print server" and I decided to use this feature and print via wifi. I put it to the top, but with a problem. When I print something, for exam

  • Try buying a new graphics card but don't know if it will work. Help

    Hi guys, I'm new here and I have a question. I have a computer, HP Envy h8-1414, this is the link that it http://h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c03517389 and I never liked the graphics card. I found a very good graphics card

  • In English in China with HP laptop nine Win 8.1

    Hi, don't know if you can help me. Just bought a laptop computer brand new and you want to install windows English 8.1. (I, bought in Australia). Has transformed, but to start I have to cross the screens with fields to fill - instructions are in Chin