- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Comware Based
- >
- Re: Isolating VLANs
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-02-2012 04:10 PM - edited 04-02-2012 04:12 PM
04-02-2012 04:10 PM - edited 04-02-2012 04:12 PM
Isolating VLANs
Hiya
I want to assign three ports to a VLAN so I can connect two firewalls to our ISPs router. So I want the VLAN to be isolated. So far I'm planning on doing the following:
No VLAN interface.
Disable LLDP on the ports.
Disable IGMP on the VLAN.
Disable MSTP on the ports.
All ports untagged on the VLAN.
Is there anything else I should be doing to make this public-facing VLAN more secure?
- Tags:
- VLAN
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-04-2012 01:52 AM
04-04-2012 01:52 AM
Re: Isolating VLANs
hi amtiskaw
if you have no vlan-interface at the internet you are save enough, because noone can reach your switch. all other features are L2 and can not reached from the Internet as well (L3).
br
Manuel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-13-2012 08:16 PM
04-13-2012 08:16 PM
Re: Isolating VLANs
DHCP and ARP snooping might be worth turning on as well, for added security.
Paul
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-15-2012 10:30 AM
04-15-2012 10:30 AM
Re: Isolating VLANs
If you don't want VLAN to VLAN communication. Make everything in that VLAN's gateway the firewall instead of the VLAN address.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-25-2012 03:48 PM
06-25-2012 03:48 PM
Re: Isolating VLANs
Thanks, guys :-)