Cisco Support Community

PVLANs and firewalls

Folks,

I have a switch set up with a primary PVLAN, a host VLAN and a community VLAN.

I've been asked to allow two hosts, host A & host B, to have limited connectivity to each other (SQL & SMB traffic only).

I had created a community, but it now seems there are other hosts which will need to speak to host A, so I have a bit of a dilemma.

As I see it, I'll have to either

- set up host A as a promiscuous port, but that will allow all devices on all ports in that IP range to speak to it

- move host A to another DMZ out of the PVLAN

Above the switch is a Juniper firewall.

Thanks to anyone taking the time to reply or to read this, much appreciated.

1 REPLY

Re: PVLANs and firewalls

Hi,

In my opinion, moving host A to a different DMZ would be the best solution.

Now, the solution depends on the security rules in your company and, in their absence, on how secure you want your access to services to be.

HTH

Dan
