Hi. A customer has 2 physically separate networks, lets call them Network A and Network Z.
Now. Network A would like to be able to access some info on Network Z, but we dont want Network Z to see anything on Network A.
Network A -----> Network Z
now as they're phsically separate networks, which would be best to allow connectivity from A to Z, a router or a firewall?
Now I could also throw away the switch on Network Z for example, and just use VLANS and run the network from Network A's switch, eliminating the need for multiple switches. Would a router on a stick be suitable for use with such a setup?
Ok, well if I was to use one network and impliment 2 VLANS, VLAN A and VLAN B carrying their original traffic, do you think a router would do the job ? as a Pix would have bit of a time trying to deal with VLAN's id imagine?
Not sure what you mean by one network 2 vlans. Pix firewalls can do 802.1q routing on a stick just as routers can - at least pix 515E and above. But if you separate the vlans with the pix ie. vlan A on one interface of pix and vlan B on another interface then the pix doesn't need to understand vlan id's at all.
As they have 2 physically separate networks at the moment with separate switches and the likes, I was thinking of doing away with one of the physical networks and making 2 VLANS to run over one set of infrastructure (saving on cost of new switches mainly)
This still doesn't mean your pix has to understand vlan id's. If you had just one switch you would create 2 vlans on it and then just attach one of the pix interfaces to one of the vlans and the other to the other vlan. This is not routing on a stick just using the same physical switch for both vlans.
If you only wanted to use one of the pix interface to separate both vlans then yes you would need 802.1q on that connection and the Pix 515E and above + ASA's can do that.
We have 3 identical switches configured by someone else and would like to claim some of the Gigabit ports(G1/G2/G3/G4) for use on servers. When we try to change the wiring and configuration, we run in to connectivity issues. Attached is a des...
This is actually a pretty cool feature, i didn't even know it existed until I was looking for a solution to advertise a subnet (prefix in BGP talk), only if a certain condition existed. This is exactly what conditional advertisements does
j ai une question j ai achete un routeur cisco 887VA-k9 , je le configuré avec la configuration ci- dessous
si je le lier avec mon pc portable sur l un de ses ports directement ça marche toute est bien ( la connexion internet + m...