VLAN Routing on 3560

Unanswered Question
Jan 26th, 2007
User Badges:

I need some advice on VLANing my servers off of my main network. I run 2 3560's and need a little help. I have 3 servers that all have gigabit cards, as where the workstations all have 100mb connections. is there any benefit to doing this? if so, what benefits. also, if there are benefits, how would i accomplish this. i know how vlan's work, but not sure how to set them up on my switches.


Thanks in advance for any help!



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
scheikhnajib Fri, 01/26/2007 - 08:35
User Badges:
  • Bronze, 100 points or more

Scott,


It is a good practise to put your servers in an isolated VLAN and I would recommend the following:


1 - Create a VLAN for your servers

2 - Add some Gig ports to this VLAN and connect your servers to these ports

3 - Create another VLAN for your workstations and place all their ports in this VLAN (don't use VLAN1 for any hosts and keep it only for management purposes).

4 - Enable IP routing on your switch

5 - Configure VLAN interfaces and assign IP addresses for them. These interfaces will be the gateway address for servers and PC's.

6 - Don't configure any access lists for now, keep all traffic flowing between the two VLANs for a while till you create an understanding of traffic patterns.

7 - After a while start creating ACL's and monitor the results.


That's all I can say in a simple way ..


Cheers.


Salem.

scott.hawks Fri, 01/26/2007 - 09:04
User Badges:

Great advice. thanks. i have a watchguard firewall setting in this config as well. how, if at all, will this affect the firewall?

Actions

This Discussion