Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

VLan setup

Status
Not open for further replies.
redman71

redman71

IS-IT--Management
Joined
Mar 15, 2002
Messages
329
Location
US
I have a gigabit fiber connection coming in and a cisco 2970 catalyst. I'm trying to bring in a firewall that only has a 100Mbps external port. I've purchased a 1G fiber/copper media converter, however the copper side only operates at 1G. Could I set up a VLAN on two ports running at 100Mbps and connect the copper side to that? Then add run a straight cable to my catalyst that will be on the trusted side of the firewall? Then everything on the catalyst will be BEHIND the firewall? Will that allow traffice to go from the switch through the firewall?
If so, how would i set up the VLAN?
HELP!
 
Sort by date Sort by votes
Why not purchase a cheap 10/100/1000 Switch? you can get them from Dell or something for a pretty low cost. That way your Cisco can just sit behind your pix. You can set this up the way you want though. Just assign 2 interfaces to the same VLAN. oneto your converter and one to your external side of your pix. Set up a second VLAN for you internal and assign the rest of your ports to the internal VLAN. all internal hosts will just have to point to the internal int of the pix as their gateway.
 
Upvote 0 Downvote
create 2 VLANs on your switch, one is for firewall outside, one is for firewall inside.

!
vlan 10
name fwoutside
!
vlan 20
name fwinside
!

Assign vlan 10 to 2 ports, one connects to the fiber converter or whatever, one connects to your external interface of the firewall.

!
interface g0/1
description Connected to fiber converter or whatever
switchport access vlan 10
switchport mode access
speed 1000
dup full
!
interface g0/2
description Connected to firewall external interface
switchport access vlan 10
switchport mode access
speed 100
dup full
!

Then assign VLAN 20 to the remaining ports if you like, which are used for connecting to the firewall inside (behind firewall), including the internal interface of the firewall.

!
interface g0/3
description Connected to firewall internal interface
switchport access vlan 20
switchport mode access
speed 100
dup full
!
interface range g0/4 - 24
description Devices behind firewall
switchport access vlan 20
switchport mode access
!

This part of the configuration only involves VLAN creation and assignment. You may still have other configuration that you want.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

cheikhdtn
  • Locked
  • Question Question
VLAN
Replies
3
Views
389
iggsterman
iggsterman
mikey789
  • Locked
  • Question Question
Can 4000-M Routing VLANs ?
Replies
0
Views
257
mikey789
mikey789
netguy2000
  • Locked
  • Question Question
C2960TTL multiple Trunk ports with same VLAN
Replies
1
Views
331
chieftan
chieftan
chieftan
  • Locked
  • Question Question
Strange VLAN issue
Replies
1
Views
324
chieftan
chieftan
napoleao
  • Locked
  • Question Question
Access List Vlan
Replies
5
Views
490
napoleao
napoleao

Part and Inventory Search

Sponsor

Back
Top