- Community Home
- >
- Networking
- >
- Legacy
- >
- Switches, Hubs, Modems
- >
- Re: Need Confirmation about new architecture...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-02-2008 12:30 AM
тАО05-02-2008 12:30 AM
I just want a confirmation about my network Diagram (file below).
Is everything ok? Made me part of your remarks.
Thanks.
Yoann
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-02-2008 03:49 AM
тАО05-02-2008 03:49 AM
Solutionyou make new network architecture very successfull .
I hope you make think about network security.
you can on network for client connection
802.1x port baset security or clasic mac base securtiy .For system security dhcp snooping ,arp protection,front panel security,loop protection.For managemet security ip autoraize manager ,ssh,ssl etc.
good luck..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-02-2008 04:18 AM
тАО05-02-2008 04:18 AM
Re: Need Confirmation about new architecture...
The new network diagram is attached to this message
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-02-2008 06:47 AM
тАО05-02-2008 06:47 AM
Re: Need Confirmation about new architecture...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-02-2008 07:22 AM
тАО05-02-2008 07:22 AM
Re: Need Confirmation about new architecture...
this network achitecture make for successfully working pc ip addreses same subnet in vlan ip address and vlan ip addres all pc default gateway address.each vlan own address range .I see you write on 3500 default routing command 0.0.0.0 0.0.0.0 172.16.0.250 ok very good because you internet router response this route you make write on internet router ip route command.
example:
ip route 172.16.0.0 255.255.255.0 172.16.0.240
ip route 172.16.5.0 255.255.255.0 172.16.5.240
ip route 172.16.2.0 255.255.255.0 172.16.2.240
ip route 172.16.1.0 255.255.255.0
172.16.1.240
ip route 172.16.10.0 255.255.255.0 172.16.10.240
so you want for pc vlan dhcp server you write ip helper|dhcp ip address| in vlan interface and assign scobe name vlan5 scobe name you want another vlan for dhcp scobe create same dchp server on (same nic)another scobe and scobe name example vlan3 and you write ip helper address in vlan 3
good luck..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2008 01:21 AM
тАО05-03-2008 01:21 AM
Re: Need Confirmation about new architecture...
VLAN 1 (which is on same subnet as firewall) can ping internet.
But any other VLAN can ping firewall.
What's the issue?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2008 05:16 AM
тАО05-03-2008 05:16 AM
Re: Need Confirmation about new architecture...
Your firewall exists in Vlan1, and it doesn;t know any thing about Vlan2-5
Therefore, you should tell the Firewall how to reach Vlan2-5 (Route Back) by pointing all the Networks for Vlan2-5 to the 3500 Switch 172.16.0.240.
Add 4 static routes on your firewall like this:
VLAN 2: 172.16.5.0/24 route to 172.16.0.240
VLAN 3: 172.16.2.0/24 route to 172.16.0.240
VLAN 4: 172.16.1.0/24 route to 172.16.0.240
VLAN 5: 172.16.10.0/24 route to 172.16.0.240
If you can understand the CLI:
Router(config)#ip route 172.16.5.0 255.255.255.0 172.16.0.240 **Route to Vlan2
Router(config)#ip route 172.16.2.0 255.255.255.0 172.16.0.240 **Route to Vlan3
Router(config)#ip route 172.16.1.0 255.255.255.0 172.16.0.240 **Route to Vlan4
Router(config)#ip route 172.16.10.0 255.255.255.0 172.16.0.240 **Route to Vlan5
Good Luck !!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-03-2008 05:20 AM
тАО05-03-2008 05:20 AM
Re: Need Confirmation about new architecture...
Router(config)#ip route 172.16.0.0 255.255.0.0 172.16.0.240 **Route to Vlan2-5
Note:
This will include all the 172.16.0.0/16 Subnet
Good Luck !!!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО05-04-2008 10:03 PM
тАО05-04-2008 10:03 PM