TOPIC: Intervlan firewall

Intervlan firewall 9 years 6 months ago #20283

  • Rugge
Hi,

We have a Cisco switched network with a number of VLANs. We have two 4006 VTP server switches where the inter-VLAN routing is taking place. On these 4006 switches we have rather big and growing ACLs applied to the different VLAN interfaces.
As you know, administration of ACLs is a little difficult and not admin-friendly. I can do it, but my workmates, who do not have very deep network and Cisco knowledge, can't.
I'm wondering if we can move the ACLs away from the Cisco switches and put them on an open-source firewall with GUI administration?
I'm concerned about performance and wondering if this is a recommended setup or if there is a more clever way to move away from ACLs?

Kind regards,
Rutger

Re: Intervlan firewall 9 years 6 months ago #20411

  • Elohim
Yes, build layer 2 VLANs which span both switches and put a firewall interface in each of them. Then, use the firewall interface as your default gateway for each respective VLAN. Perhaps you can just do router on a stick and put your ACLs on the router.
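The design suggested in the reply above, sketched as an nftables ruleset for a Linux-based firewall whose 802.1Q sub-interfaces act as the default gateway of each VLAN. This is an added example, not part of the original thread; the interface names, VLAN IDs, subnets and permitted services are all assumptions chosen for illustration.

```nftables
#!/usr/sbin/nft -f
# Added example. Assumed layout: eth0 is an 802.1Q trunk to the switches,
# and each sub-interface holds the .1 gateway address of its VLAN.
flush ruleset

define vlan_users   = "eth0.10"   # assumed 10.0.10.0/24
define vlan_servers = "eth0.20"   # assumed 10.0.20.0/24
define vlan_mgmt    = "eth0.30"   # assumed 10.0.30.0/24

table inet intervlan {
    chain forward {
        # All routed traffic between VLANs passes here; default is deny.
        type filter hook forward priority 0; policy drop;

        # Stateful return traffic replaces the mirrored "reply" ACL entries
        # that interface ACLs on the switches need.
        ct state established,related accept
        ct state invalid drop

        # Anti-spoofing: a VLAN may only source addresses from its own subnet.
        iifname $vlan_users   ip saddr != 10.0.10.0/24 drop
        iifname $vlan_servers ip saddr != 10.0.20.0/24 drop
        iifname $vlan_mgmt    ip saddr != 10.0.30.0/24 drop

        # users -> servers: web and DNS only
        iifname $vlan_users oifname $vlan_servers tcp dport { 80, 443 } accept
        iifname $vlan_users oifname $vlan_servers udp dport 53 accept
        iifname $vlan_users oifname $vlan_servers tcp dport 53 accept

        # mgmt -> users and servers: SSH only
        iifname $vlan_mgmt oifname { $vlan_users, $vlan_servers } tcp dport 22 accept

        # Everything else falls to the drop policy; log a sample of it.
        limit rate 10/second log prefix "intervlan-drop: "
    }

    chain input {
        # Traffic addressed to the firewall itself.
        type filter hook input priority 0; policy drop;
        iif "lo" accept
        ct state established,related accept
        iifname $vlan_mgmt tcp dport 22 accept
        icmp type echo-request limit rate 5/second accept
    }
}
```

Because every inter-VLAN packet now crosses the trunk and the firewall's forwarding path, the trunk link and the firewall hardware set the throughput ceiling that the original question raises as a concern.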