[c-nsp] Firewall/LAN implementation
Mark Tohill
Mark at u.tv
Wed Aug 17 10:11:58 EDT 2005
Hi,
Hope this is not off-topic.
Current Scenario:
2 x 3700 series routers in active-standby configuration (HSRP) . They
are implementing IOS SLB and NAT.
Behind these a 2950-24 switch. This box has only the Standard Image.
Behind this again are a number of Windows servers requiring protection.
Requirement:
Implement Firewall Solution with SonicWall in order to protect a subset
of these hosts.
Questions:
1. Can the Firewall be 'hung' off the switch and create port-based
VLAN's?
2. Would this involve sub-interfaces on the Firewall? I read in
SonicWall doc. that with appropriate Firmware upgrade, it can implement
sub-interfaces, but requires a 802.1q-capable switch.
3. Leading on from 2., I believe 2950-24 cannot run 802.1q since it runs
only a Standard Image(SI), according to CCO. Is this true?
4. Any other advice appreciated.
Thanks,
Mark.
More information about the cisco-nsp
mailing list