We decided to relocate the server processes to a dedicated server, as opposed to running various services on the router.
We implemented the DHCP process on to the server. This reduces strain on the router. We also added a helper-address to make sure that DHCP continued to work.
For a test, we also enabled HTTP and a local DNS. This let us create a locally hosted website and translation. This is a similar idea to MIT's Cisco start page.
Wednesday, October 31, 2012
Access and security between sites
Site 1 & 2 to us (Admin)
Allow:
Sites 1 & 2 to the internet
Allow:
Allow:
- Internet (Http, Https)
- Ping, Icmp (Between routers)
- DNS
Block:
Other:- Telnet
- SSH
- Carpet Block (Block everything)
- NTP (Centralised time)
Sites 1 & 2 to the internet
Allow:
- Internet (Http, Https)
- FTP (Inwards)
- Remote connections (Telnet, Ssh, Rdp)
- Everything else
Subscribe to:
Posts (Atom)