VLAN Setup idea

- C
- Cisco
  
  Contact options for registered users
posted
17 years ago

Fri, Aug 18, 2006 11:42 PM

I am setting up a VLAN and what to make sure that I understand it correctly. Here is the equipment I have and my idea.

1 - PIX515E firewall 4 - Procurve 4000m switch

Would it be bettter to start the VLAN at the PIX or at the Procurve? I need a VLAN1 for regular employees to access the internet, other office computers and the office server. I need VLAN2 to setup a guest LAN that can only see the internet and not the office computers or server. (also does anyone have any suggestions on how to setup a network authorization, that can be used to logon with a username and password to access the internet)

My idea is to start the VLAN at the procurve switch. I would have the port to the firewall as tagged with VLAN1. I would setup the office computers and server on VLAN1 that are untagged. I would setup the guest ports on VLAN2 that are untagged.

Any one have any other ideas or a better way to do this. Any suggestions would help.

Loading thread data ...

- D
- Doug McIntyre
  
  Contact options for registered users
Vote on answer
posted
17 years ago

Sat, Aug 19, 2006 5:23 AM

"Start" the VLAN? A VLAN'd network is equal on all devices, and such devices are hooked up with trunked ports. Each device participates equally in the VLAN for talking to all its neighboring VLAN members.

You may be thinking in terms of a layer-3 protocol driving everything, where the PIX could be doing Layer-3 termination of a VLAN, whereas the HP switches are just layer-2 devices that can VLAN.

There's really no difference either way for either of your proposals.

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.