I have some small remote offices with 2 office machines and 2 public machines(anyone outside company can use them). I am going to install 501 for each remote office to make a VPN connection to 515 at the head office. What I plan to do is to block 2 pulic machines of accessing to head office resources. here are my settings: The public machines should have only access to Internet
access-list 102 permit ip 192.168.102.21 255.255.255.255 10.10.0.0
255.255.0.0 -->domain machine access-list 102 permit ip 192.168.102.22 255.255.255.255 10.10.0.0 255.255.0.0 ->domain machine access-list 102 permit ip 192.168.102.20 255.255.255.255 10.10.0.0 255.255.0.0 --> ->domain machine access-list 102 deny ip 192.168.102.0 255.255.255.0 10.10.0.0 255.255.0.0 --> block any other machine including those publicsnat (inside) 0 access-list 102 nat (inside) 1 0.0.0.0 0.0.0.0 0 0 global (outside) 1 interface
So am I doing right config?
Another question using DHCPD, can I reserve a specific IP for a mac address?
Thanks a lot for any help-Rob