multiple promiscuous ports

Unanswered Question
Oct 4th, 2007

I have a following scenario

I have a DMZ interface of a firewall configured as a promiscuous port on a 4500 switch with primary vlan being 100, isolated as 101 and community as 102-107. It covers a huge subnet of /21.

Now, I need to separate out the DMZ interface into 2 and one for http DMZ and the other for remote access DMZ each with a /22.

I am planning to change the mask on the existing interface on the firewall from /21 to /22 and bring up a new interface and assign an address on the next /22.

I also want to configure that new interface as a premiscuous port (this will be second promiscuous port ) and allocate vlan 108 for primary, 109 for isolated and 110-113 for community.

I think this config should not create any problems. Will this work?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion