Background :
We are about to start working alongside a company who is installing some equipment on a client's site which will interface with our software and our client's network. We already interface with the client, so it's basically a love triangle of sorts. This part of the design is just handling communication between the new company and our networks.
I have two firewalls for two separate units/subnets on site - their server will need to communicate with two of our servers, one behind each of our firewalls. I was intending on provisioning an interface on each firewall to connect to their router/firewall and then just build the routes from there. Easy done, right.
Issue :
Turns out their network design relies on a server that has multiple NICs, two of which are for our firewalls. Their side of the network has 5 subnets with multiple NICs in each of the devices as each device needs networks.
Apart from the terrible design that is really out of my hands, what are some worst case scenarios that will allow me to push back on allowing this? I know I could make it work on my end with some NAT, but this is a standard that I do not want to allow to be set.
No comments:
Post a Comment