Managing a DMZ on a Cat 2940 switch

Unanswered Question
Mar 30th, 2009
User Badges:


Just a little advice about the setup I am looking at. I have an edge router 2651XM with a WIC-ADSL card in. I have a PIX 501 and and a Catalyst 2940. Is it possible and a reasonable idea to host a DMZ using a a couple of dedicated ports on the switch? If so, would it be an idea to host it on a dedicated port based VLAN? I want to host a website on the DMZ and my current thoughts on my setup are:

PSTN -> WIC in 2651

2651 -> PIX external I/F using one router I/F

PIX -> Catalyst

Catalyst -> 2651 on the second router I/F for routing on the switch

Thanks in advvance


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Yudong Wu Mon, 03/30/2009 - 22:27
User Badges:
  • Gold, 750 points or more

CAT2940 is a pure layer 2 device. Therefore, you can configure two vlans on it to make it as two virtual switches, for example, configuring all ports for DMZ in one vlan and the rest ports in the other vlan.


This Discussion