[j-nsp] ISG 1000
Sidney Boumendil
sidney.boumendil at gmail.com
Sun Mar 7 13:24:53 EST 2010
On Sun, Mar 7, 2010 at 7:02 PM, networking alcatel <netprodata at gmail.com> wrote:
> Hi
>
> I have got a ISG 1000 firewall which has the default 4 interfaces, i need to
> configure 4 zones on a single interface and 1 zone which is the untrusted
> zone on another interface , the other 2 interfaces will be used for HA and
> heartbeat as there are 2 ISG 1000 my point is
>
> - can i have 4 different zones on a single interface these are all
> trusted (inside) and require to communicate with one another and also with
> the outside interface
> - can the DMZ zone and the trusted zone be binded with the same interface
> (sub-interfaces are proposed using vlan tagging)
>
> will this type of solution work.
Yes it works, juste use vlan tagged sub-interfaces. You can bind
sub-interfaces to any zone you want.
Be sure to check your licence supports the number of zone you want to create.
More information about the juniper-nsp
mailing list