I have attached a pdf file of our current network diagram and a proposed network upgrade layout. We currently have a site with less than 50 workstations, a few servers and networked printers that are all hanging off of 2950T switches and all on the same /24 network. I would like to add a 48 port 3560G for the core switch, move the existing 24 port 2950T at the core to a "dirty switch" outside the firewall and add a 2811 router to setup a few vlans to start organizing the network better. I have a config I can use for reference for the ACL's and VLAN setup. We would probably only need 6-7 VLANs to start with. Are there any problems with this layout?
There's nothing wrong with the layout. As you know the 3560 is a layer 3 switch therefore you don't even need the 1821 router. You can connect the 3560 directly to the PIX inside interface for design simplicity. However, it would work fine even with 1821 in place as long as your routing on the inside is setup correct.
Why are you putting the 2924 switch on the outside, between the PIX and DSL modem, are there going to be some other devices connected to the so called dirty switch.
Yes, We have some outside entities that need public addresses to devices inside the facility. Currently they are configured on the PIX and by doing this we would be able to keep our network seperate from these outside users.
So would the ACL's go on the 3560 to be able to route between the VLANS? Admin and staff vlans would need to get to the server and internet vlans etc.
I have one VPN tunnel from this PIX 501 to a PIX 515. I guess I didn't realize the 3560 would do this. I knew we would need a router to make the different vlans talk to each other or not and that is where I came up with the router in the diagram. So all we would need then is a new 3560 and keep the PIX basically configured as it is now?
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...