doing a switch migration/consolidation into a 4500. I am trying to consolidate a 3512 DMZ switch into a 4506 with a 24-port FE card (among others).
Current DMZ 3512 switch is VLAN 1 10.1.1.254/24 --> Gateway is 10.1.1.1 (ASA5510)
How would I go about moving this to a 4500 using FE ports 3/9 - 3/16 on a 24-port card in slot 3?
I alread have a VLAN created for internal network on the 4500 - VLAN1 192.168.100.xx - so moving the DMZ into the 4500 is giving me trouble. Would I need to create another VLAN, set the 3/9-16 ports to trunk ports?
You would create a new VLAN and then assign those ports to the VLAN, they would not be trunk ports. Let's say you create VLAN 10, you would then assign the ports to the VLAN:
switch(config)#int range f3/9 - 16
switch(config-if-range)#switchport access vlan 10
For security reasons many people would advise you against collapsing the DMZ onto a switch that is also host to your internal network. As long as the routed interface for this network is on the ASA and not the 4500, you can minimize your exposure somewhat. You should turn off CDP, PAgP/LACP, etc. You might also consider changing your inside VLAN from VLAN 1 to a numbered VLAN.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...