We had outgrown our IP allotment and it was time to upgrade. For the first 23 years of VECC we had enough IP addresses to do the things that we needed. We had used up our 254 pubilc IP’s. We didn’t own our own IP’s they were leased from Xmission. We found out through Century Link that VECC was entitled get more public IP’s through a program that had been set aside for public safety. We quickly filled out the paper work and got two class C public address ranges. This was more than enough to do what we had in mind.
When I first started at VECC the software that we used required public IP addresses now this was no longer the case. We could now go to private addressing and VLAN out our networks. I was tasked with making this happen for VECC.
The goals were simple.
- Change all the IP addresses in our network to private including Windows and Unix servers
- Create VLANs to segregate our different needs
- NAT our private server addresses to public IPs.
- Make all the necessary routing changes at VECC and coordinate all the routing changes with our different agencies.
- Update our two Cisco ASA firewalls to the latest software.
- Install and configure Cisco’s AnyConnect VPN
- Less than an hour of down time.
I was able to accomplish all of this in just a couple of weeks. I coordinated with all the different VECC agencies to make the switch on our Frame Relay connections, our Cisco to Cisco IPSec connections as well as our basic internet routing.
I created 5 VLANs for our various needs like servers, workstations, web servers, wireless internal and external. I configured all of our switches and the appropriate ports for the VLAN. I mapped out the entire physical network, something that had never been done at VECC ever.
This project was a huge undertaking due to all the different agencies that connect to VECC. My boss credited me with it being a huge success.