Firewall Customer Configurations and VLANs
-
jenkinsje-p40
- New Member
- Posts: 1
- Joined: Mon Apr 28, 2008 10:21 am
Firewall Customer Configurations and VLANs
The ASA 5505 is capable of VLAN support, port forwarding and other custom configurations. While they are shipped pre-configured and supported only with this configuration, is it acceptable to modify the configuration to suit the needs of the building? Also, what is the official stand on port forwarding? Can VLANs be configured?
-
schester
- New Member
- Posts: 37
- Joined: Sun Sep 30, 2007 11:40 am
I love finding posts where someone else was thinking the same thing as me two years ago!
It's saddening though to see that the question has never been addressed.
I see many reasons for implementing vlan's on the meetinghouse networks. It would be very nice to separate out the MLS computers from those in the FHC and especially wifi users. The way it is currently setup certain people could start giving out the wifi code and the neighbors could be scanning the network and attempting to capture what is being transmitted before it is encrypted on the VPN. Vlans and ACL's would make this much more difficult, but it would require us either having local control of the ASA, putting another router behind the ASA or having SLC do a custom setup.
Anyone have any additional information?
It's saddening though to see that the question has never been addressed.
I see many reasons for implementing vlan's on the meetinghouse networks. It would be very nice to separate out the MLS computers from those in the FHC and especially wifi users. The way it is currently setup certain people could start giving out the wifi code and the neighbors could be scanning the network and attempting to capture what is being transmitted before it is encrypted on the VPN. Vlans and ACL's would make this much more difficult, but it would require us either having local control of the ASA, putting another router behind the ASA or having SLC do a custom setup.
Anyone have any additional information?
-
russellhltn
- Community Administrator
- Posts: 34487
- Joined: Sat Jan 20, 2007 2:53 pm
- Location: U.S.
The firewall is currently under the firm control of the Global Services Desk. I doubt if most stakes have someone with enough knowledge of Cisco gear to do more good than "support needs" to justify opening it up.
Note all all the issues you've raised could be taken care of by placing another stake-controlled router behind the firewall.
Note all all the issues you've raised could be taken care of by placing another stake-controlled router behind the firewall.
Have you searched the Help Center? Try doing a Google search and adding "site:churchofjesuschrist.org/help" to the search criteria.
So we can better help you, please edit your Profile to include your general location.
So we can better help you, please edit your Profile to include your general location.