Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
250
Views
0
Helpful
1
Replies

Moving DMZ to a Vlan

mwidina
Level 1
Level 1

‎01-31-2002 10:42 AM - edited ‎03-01-2019 08:19 PM

Here is what I would like to do. I have 2 4006 switches w/L3. I would like to take the 4 devices on my dmz (Router, Pix, Altiga vpn concentrator, DNS server)currently on a flat hub, and move them to a vlan. Can I do this without causing a routing problem? Do I simply define the vlan and just not give it an ip address so that those machines do not have access to the network through the "DMZ vlan". Traffic would have to go through the other inside intrefaces to get anywhere. Or, am I missing something altogether....

Any info would be appreciated.

Mike

Labels:
0 Helpful
1 Reply 1

colin.mccrory
Level 1
Level 1

‎02-04-2002 03:17 PM

Mike,

You can create a new vlan ( e.g. vlan 99 ) and add four ports on your catalysts to that vlan. On the routing blade, do not add an Ip addess as you have said.

This would provide your DMZ on a private vlan.

However, you would still need to have connectivity from your internal network to this new MZ location which would replace the connection to your existing shared hub.

Is the PIX configured for one inside interface (which connects to your internal routed LAN) and a seperate outside interface for external traffic, as well as this DMZ you have created?

Please provide more config details of the topology layout if this does not answer your question.

Colin

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents