Multi company network

Hi!
I’m asked to setup a multi company network. There will be approximately 4-8 small companies around 8-15 people in each company.
These companies will share some resources as printers and probably a nas. Furthermore they will have their own wlan ssid trunked from E0/7 to the AP.
Thinking about using asa5505 security plus license. AP will be this one AIR-SAP1602I-E-K9. As of now to allow more ports for users I will just hock up small simple switches to each Ethernet port on the ASA. When there are no more room I will buy a vlan capable switch.
Each company per vlan.
company1 Vlan10 192.168.10.0/24
company2 Vlan20 192.168.20.0/24
company3 Vlan30 192.168.30.0/24
company4 Vlan40 192.168.40.0/24
Shared Vlan100 192.168.100.0/24, printer ip 192.168.100.10
The companies should be separated from each other and only able to access the internet and the printer vlan. I got public ip in a 248 subnetmask giving me 6 addresses.
Company1 need to have 1 private ip. Also given ability to access their desktop PC from home. Other companies could share the same public IP.
Copmany2 will host a web server so it also needs a public ip accessible from outside.
Setting up Vlan and interfaces is no problem. The problems for me starts when creating NAT rules. Guess I will not use same-security-traffic permit inter-interface and use ACL.
How should you managed the traffic flow?
 Br
Fredrik

You're on the right track.
One VLAN per company, each assigned to an interface, no same-security-traffic. Make them all security level 100. Make the printer VLAN 90.
Create a remote access VPN for company 1 with split tunnel and only give them route to their assigned network. Make the nat rule for them as nat(company1,outside) with dynamic translation to the outside interface. Make separate nat rules for the other companies as well with dynamic translation to one of your other public IPs. Make one specific port forwarding NAT rule for the company 2 webserver.

Similar Messages

  • Problem in loading images when i am connected on company network

    Hi friends, I am using firefox since last 4 months on my windows 8 pro laptop.but since last month I am facing problem in loading images when i am connected on company network but same time it is working fine with ie10. But all these thinks are working well at my home when I am using broadband.

    I don't completely understand your issue. Does this issue occur on 1 network and does not occur on another? Have you tried clearing cache and cookies and making sure your plugins are up to date?
    Many site issues can be caused by corrupt cookies or cache. In order to try to fix these problems, the first step is to clear both cookies and the cache.
    Note: ''This will temporarily log you out of all sites you're logged in to.''
    To clear cache and cookies do the following:
    #Go to Firefox > History > Clear recent history or (if no Firefox button is shown) go to Tools > Clear recent history.
    #Under "Time range to clear", select "Everything".
    #Now, click the arrow next to Details to toggle the Details list active.
    #From the details list, check ''Cache'' and ''Cookies'' and uncheck everything else.
    #Now click the ''Clear now'' button.
    Further information can be found in the [[Clear your cache, history and other personal information in Firefox]] article.
    Did this fix your problems? Please report back to us!
    Please check if all your plugins are up-to-date. To do this, go to the [http://mozilla.com/plugincheck Mozilla Plugin Check site].
    Once you're there, the site will check if all your plugins have the latest versions.
    If you see plugins in the list that have a yellow ''Update'' button or a red ''Update now'' button, please update these immediately.
    To do so, please click each red or yellow button. Then you should see a site that allows you to download the latest version. Double-click the downloaded file to start the installation and follow the steps mentioned in the installation procedure.

  • MULTI COMPANY DATABASE in SAP B1

    Hi there,
    If you are setting up multi company database in SAP Business One,
    is there a way for us to hide/unhide the other existing databases?
    beth

    Hi,
    You could always create a second SQL server instance and share the licence server.  I am doing this to test addons without effecting the production system.  if it runs on the same server you do not need a further licence for a new instance
    However, there are caveats:
    1)  both databases would have to run exactly the same addons.
    2) users would have to change the database server (instance) to switch between the companies.  this would also mean they would have to know an admin password.
    I am sure there will be more but they are the 2 that spring to mind.
    thanks,
    mike

  • Can't Connect to our Company Network

    Good morning! I'm new to MAC computers so bare with me. I'm using a MAC at work and I'm not able to access the company Network. I've had our IT lady take a look with no luck. Is there anyone out there that can help?

    Hi Lisa,
    We'll need more details about your situation to help you. Are you trying to connect wirelessly or through an ethernet cable? Does your network use DHCP?
    Does your network administrator have the network MAC-locked (this doesn't refer to Macintosh computers; each device on a network has what's called a MAC address. It's a number that looks like 00-12-34-56-A7-4D and it identifies the device.) If the network is MAC-locked, you'll need to add your computer's MAC address to the list of approved network devices before it will connect. Restricting hardware on a network with a MAC-lock is fairly common in the corporate world.
    Please come back with as many details about the situation as you can. Good luck!

  • In light of Mozilla refusing to support free speech I would like to delete it off my company network

    How can I be assured that it has been actually deleted off all workstations, with no files left?
    We have too many to individually check and we need to unsure Firefox is totally removed from use.

    What boycott? I asked a direct question but received a canned political answer. Now I see the problem there.
    I merely asked for technical advice to insure all the files are removed from my company network. Is there a link for network administrators re removal instructions? If so, can you send it?

  • Company network design

    Hi guys,
    I am a student from Belgrade and currently i am working on company network implementation, and i have few problems.
    1. I have to make company regional center which looks like this:
    - Company has two buildings in one town:
     - First building has four departments (finance, development, IT, marketing) and server farm with five servers (one for each department and one shared server)
     - Second building also has that four departments and only one server (backup server)
    Requests:
    a. Each department should see its server without routing
    b. All other traffic should go through router
    How can i achieve this?
    I have sent you screenshot of my network with backbone and one city connected (BGD), with redundant routers on backbone and with its two locations.
    Also, i am not sure if i need separate router for each location.
    2. I need to add main office and branch offices to Houston router:
    -Main office should be connected to backbone and it should contain another router which is connected to branch offices via serial links.
    Requests:
    a. How should i design this?
    Thank you anyway,
    Regards,
    Dragan

    Hello,
    It is my university project, but actually, i am not that lazy, i would like to do it on my own, but i am not 100% sure how to do that.
    Ok then, i will tell you my ideas and i hope you will tell me if it is right.
    1. As you can see in the attached picture i have built backbone (4 routers named NewYork1, NewYork2 (i needed router redundancy for NewYork), Houston and LA) and New York network, which should be one OSPF area.
    There are two company buildings in NY on separate locations. Both buildings have 4 departments - floors (finance, marketing, development and IT).
    First building structure:
    - On each floor i have one department and in the basement is the company data-center (with 4 servers for each department and one shared server) and DMZ.
    Second building structure:
    - On each floor i have one department and in the basement is the backup server.
    Requests for NY:
    a. Each department should access its server without routing.
    My solution:
    - As you can se on the pic i attached, i put a router in each location (routers named NewYork-Location1 and NewYork-Location2), in order to divide the network into two LANs.
    - Every department, servers room and DMZ has its switch so i can add more devices.
    a. Each department should access its server without routing.
          - As i know this is possible only on location 1 if i configure VLANs (one VLAN for department and dedicated server). Traffic from location 2 departments to dedicated routers must go through router. Is there some other way to achieve this? can vlan be made on remote sites?

  • How to set up an E-mail server, ( To recieve and send outside a company network)

    Hie,
    The scenario is, our company wants to start hosting their own emails and not through an ISP. I somehow managed to install and configure MS Exchange server 2010, we are able to send and receive mails but only when we are connected to our company network.
    Is there something i have missed?
    Regards
    Felix

    Hi,
    this should help you:
    Enable Outlook Anywhere:
    http://technet.microsoft.com/en-us/library/bb123542(v=exchg.141).aspx
    Enable Exchange ActiveSync:
    http://technet.microsoft.com/en-us/library/bb124234(v=exchg.141).aspx
    Understanding Outlook Web App:
    http://technet.microsoft.com/en-us/library/aa998629(v=exchg.141).aspx
    Hope that helps
    Regards
    Sebastian

  • Adobe Reader 11.09 unstable on Win 8.1 in Company Network

    Today I started rolling out Adobe Reader 11.09 in my company network.
    Installed on 4 machines I have difficulties on 2:
    - 2 machines with Windows 7: no Problem
    - 2 machines with Windows 8.1: Adobe Reader is very unstable and slow
    I tried opening pdf-files from a network share (as I read a different thread here) and from local hard drive.
    Both times Adobe Reader gave no Response for minutes.
    After changing back to 11.08: no problem.
    Anyone any idea?
    If you need more detailed information just ask.

    Not that anyone cares but I´ve solved the problem.
    It has nothing to do with Windows 7 or Windows 8 but if the proxy in system settings is enabled or not.

  • Multi Company scenario in obia

    Please advise on implementing OBI Financial Analytics for Multi Company scenario where each company goes live in each phase.
    Phase 1 - Company 1 goes live
    Phase 2 - Company 2 goes live
    Phase 3 - Company 3 goes live & all 3 Companies Data are available in single OBI Application.
    We would like to know more about the Load Strategy. How to to Full load for Company 2's data without affecting Comapny 1's & 2's Data and so an so forth for Company 3.
    Is there any other alternate way / standard Oracle recommended procedure to do this?
    thanks,
    paresh

    Hi,
    You could always create a second SQL server instance and share the licence server.  I am doing this to test addons without effecting the production system.  if it runs on the same server you do not need a further licence for a new instance
    However, there are caveats:
    1)  both databases would have to run exactly the same addons.
    2) users would have to change the database server (instance) to switch between the companies.  this would also mean they would have to know an admin password.
    I am sure there will be more but they are the 2 that spring to mind.
    thanks,
    mike

  • Guest network inside company network

    Hi All,
    I have AirPort Extreme 4th generation which is configured inside company network to give access to internet and internal network for our emplyees. Right now it is working in Bridge mode and just forwards packages from wi-fi clients to DHCP server or whatever they need. I need to configure Guest netwotk to allow only access to internet but not to internal network.
    Is it possible to do when AirPort connected to internal router or switch but not to ISP?

    Is it possible to do when AirPort connected to internal router or switch but not to ISP?
    Not in the way that the AirPort was designed to operate as a device connected directly to a simple modem, making it a "main" router handling DHCP and NAT services.
    It is not possible to say whether you might be able to set up the Guest Network function and have it operate correctly.
    If you want to try, you need to perform a Factory Default Reset on the AirPort and then configure it to act as a router handling DHCP and NAT services. 
    That may create DHCP conflicts since you already have another device handling DHCP on the network....and any devices on the "main" network there receiving DHCP from your server will not be able to "see" other devices on the AirPort network, since they will not be on the same subnet.
    it will definitely create a Double NAT issue, which will tend to slow down things a bit on the AirPort network.
    The bottom line is that you will be breaking some basic network rules if you try this. Whether or it will work cannot be known until you try it out on your own network.
    If you have strict network security procedures, the hypothetical setup above is not going to pass when the inspectors come around.

  • Master data among multi company

    Experts,
    how does SAP handle of master data in case different system setup in different location?
    For Example: Multi Company case where ABC company operates in USA with own SAP system, XYZ company operates in UK with own SAP system.
    But where is the master data (vendor, customer, etc) maintained ? Will be there any synchronization between the systems?
    Thanks,
    Sukhbold

    Hi Sukhbold Altanbat,
    Though the operations are doing in multipule location but data will be saved in single Central data base.
    this central data base is placed in a secured location and will be tested properly before placing i.e. it will not impacted with calamities like cyclone... etc.
    Transaction data is done only at front end but data will entered in the frontend will be updated in back end data base.
    Note:  we may have 2 servers data bases which will placed in different loaction this will be used if once gowes down,other will start working with out any imact.
    With respect to Sync..  2 server data bases will be automatically where ever is some change in db1.
    Hope this helps you, kindly let us know if any further details required.
    Best Regards,
    Maruthi

  • IOS updates on company networks

    Our company allows iPhones and iPads that are enrolled in our MDM service to have open Wi-Fi access to the internet.  Is there a way to block iOS updates on a company network but still allow them access to the App Store for apps and app updates?  iOS updates can be very large in size and without have a caching solution each location, each iPhone and iPad will be individually downloading them during the day and impacting our network.

    sadly there is no way to restrict iOS devices from updating iOS. Only way would be to restrict the WiFi not be able to access Apple's server

  • Safari (for PC) keeps asking company network password in every boot.

    Safari PC version keeps asking company network password in every boot. Even if I checked the remember box, nothing changes. (ver 5.1.7 7534.57.2). I also use other browsers (Chrome, IE, Firefox), I entered the password once and that is all.

    Hello,
    Please open the Keychain Access program in Applications > Utilites. In the Edit menu, choose Change Sttings for Keychain 'Login'. Make sure none of the boxes is ticked and confirm by pressing save.
    That should fix the problem.

  • HT1218 Cannot use WPS-capable Wi-Fi printer on company network because network administrators will not allow

    Great. So I am in an office and need to set up my own printer to avoid paying printing costs on the company network printer. How does WPS-capable Wi-Fi printer capability help.
    It does not. And for any company of any size it will not help. Who is going to fly to all of the facilities and run around pushing buttons to get the connection to work. It appears this is useless "technology". This is innovation???

    Which printer is it? There may be an alternative method.
    As for WPS, it is also a security risk so no good IT admin is going to enable it on an SMB or large enterprise network.

  • Can't connect to company network anymore.

    Hi guys I need help getting online with company network. I use to be able to connect to the internet through ethernet but all of a sudden it will not connect at my office. I can go over to the main office and it will still connect. The other office computers will connect at my office but not my macbook, it shows self assigned ip address and may not connect. I've tried some other things from other post but nothing is working. Please Help, Greg.

    This seems to be happening to a lot of people recently. Not sure if this was after the patch or what.
    The only way I've been getting around this so far is going to Firewall and setting it to allow all incoming traffic, wait for it to connect and then reset it back to what you had. I would be able to connect most of the day and then would have to do this again the next day.
    This is definitely annoying. I'm not sure what's causing this. I hope they get enough complaints to get this fixed.

Maybe you are looking for

  • Deprecation in Java

    I don't know what is deprecation in java please tell me brief about it?

  • The symbol u00BE read from a database by ABAP changes to u00F3

    I have a table where a column contains the 3/4 mark (¾). When I list the table with SQL or MSAccess, the 3/4 mark is visible as expected.  However, when ABAP reads this same table, the 3/4 mark is changed to ó.  If I view the table in SE16, same resu

  • Properites Pane with single group of properties (PROP_SET_SINGLE_GROUP)

    Hi ,   Does anyone know how to find the property group technical name of certain web item for setting the parameter PROP_SET_SINGLE_GROUP of properties pane? Thank you, Jeff

  • Deleting files is slow

    System: - Dell quad core XPS 710, 4GB RAM - 5x500MB HD - Vista - Nvidia 7900 GS and Nvidia 8600 GTS (I have updated the nvidia drivers and the vista hot patches) - My Lr database, with 62,000 images, is on its own 500MB HD, with Vista file indexing t

  • Change hostname on nodes in STANDY RAC Cluster

    Hi, I would like to know the required steps to modify and hostname configuration in Oracle RAC if I update the hostnames of the 2 nodes in the RAC Im running Redhat EL 5 , Oraclle 11g Thanks in advance