VLAN Setup idea

Discussion in 'Cisco' started by Cisco, Aug 19, 2006.

  1. Cisco

    Cisco Guest

    I am setting up a VLAN and what to make sure that I understand it
    correctly. Here is the equipment I have and my idea.

    1 - PIX515E firewall
    4 - Procurve 4000m switch

    Would it be bettter to start the VLAN at the PIX or at the Procurve? I
    need a VLAN1 for regular employees to access the internet, other office
    computers and the office server. I need VLAN2 to setup a guest LAN
    that can only see the internet and not the office computers or server.
    (also does anyone have any suggestions on how to setup a network
    authorization, that can be used to logon with a username and password
    to access the internet)

    My idea is to start the VLAN at the procurve switch. I would have the
    port to the firewall as tagged with VLAN1. I would setup the office
    computers and server on VLAN1 that are untagged. I would setup the
    guest ports on VLAN2 that are untagged.

    Any one have any other ideas or a better way to do this. Any
    suggestions would help.
    Cisco, Aug 19, 2006
    #1
    1. Advertising

  2. "Cisco" <> writes:
    >I am setting up a VLAN and what to make sure that I understand it
    >correctly. Here is the equipment I have and my idea.


    >1 - PIX515E firewall
    >4 - Procurve 4000m switch


    >Would it be bettter to start the VLAN at the PIX or at the Procurve? I
    >need a VLAN1 for regular employees to access the internet, other office
    >computers and the office server. I need VLAN2 to setup a guest LAN
    >that can only see the internet and not the office computers or server.
    >(also does anyone have any suggestions on how to setup a network
    >authorization, that can be used to logon with a username and password
    >to access the internet)


    >My idea is to start the VLAN at the procurve switch. I would have the
    >port to the firewall as tagged with VLAN1. I would setup the office
    >computers and server on VLAN1 that are untagged. I would setup the
    >guest ports on VLAN2 that are untagged.



    "Start" the VLAN? A VLAN'd network is equal on all devices, and such
    devices are hooked up with trunked ports. Each device participates
    equally in the VLAN for talking to all its neighboring VLAN members.

    You may be thinking in terms of a layer-3 protocol driving everything,
    where the PIX could be doing Layer-3 termination of a VLAN, whereas
    the HP switches are just layer-2 devices that can VLAN.

    There's really no difference either way for either of your proposals.
    Doug McIntyre, Aug 19, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Paul

    VLAN or Not to VLAN

    Paul, Oct 27, 2003, in forum: Cisco
    Replies:
    0
    Views:
    535
  2. Neil Rowland

    Auxiliary VLAN V VLan

    Neil Rowland, Apr 13, 2004, in forum: Cisco
    Replies:
    1
    Views:
    549
    Phil Dotchon
    Apr 14, 2004
  3. PS2 gamer
    Replies:
    1
    Views:
    924
    Ivan Ostres
    May 28, 2004
  4. avraham shir-el
    Replies:
    4
    Views:
    8,428
    avraham shir-el
    Jul 20, 2004
  5. rahul_hotin

    VLan OR NO VLan

    rahul_hotin, Apr 26, 2005, in forum: Cisco
    Replies:
    1
    Views:
    562
    Ronnie.wonderboy
    Apr 27, 2005
Loading...

Share This Page