[j-nsp] ISG 1000
Fahad Khan
fahad.khan at gmail.com
Mon Mar 8 04:51:54 EST 2010
Yes, simply make sub-interfaces and relevant vlan tagging, then connect that
port with your switch over trunk using dot1q.
regards,
Muhammad Fahad Khan
JNCIP - M/T # 834
IT Specialist
Global Technology Services, IBM
fahad at pk.ibm.com
+92-321-2370510
+92-301-8247638
Skype: fahad-ibm
http://www.linkedin.com/in/muhammadfahadkhan
http://fahad-internetworker.blogspot.com
http://www.visualcv.com/g46ptnd
On Sun, Mar 7, 2010 at 11:24 PM, Sidney Boumendil <
sidney.boumendil at gmail.com> wrote:
> On Sun, Mar 7, 2010 at 7:02 PM, networking alcatel <netprodata at gmail.com>
> wrote:
> > Hi
> >
> > I have got a ISG 1000 firewall which has the default 4 interfaces, i need
> to
> > configure 4 zones on a single interface and 1 zone which is the untrusted
> > zone on another interface , the other 2 interfaces will be used for HA
> and
> > heartbeat as there are 2 ISG 1000 my point is
> >
> > - can i have 4 different zones on a single interface these are all
> > trusted (inside) and require to communicate with one another and also
> with
> > the outside interface
> > - can the DMZ zone and the trusted zone be binded with the same
> interface
> > (sub-interfaces are proposed using vlan tagging)
> >
> > will this type of solution work.
>
> Yes it works, juste use vlan tagged sub-interfaces. You can bind
> sub-interfaces to any zone you want.
>
> Be sure to check your licence supports the number of zone you want to
> create.
>
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp
>
More information about the juniper-nsp
mailing list