All VLAN ACLs should be on the "core" switch, no ACLs on other switchesĪgain, I am entirely new to L2+/元 on switches.VLAN routing and VLAN "firewalling" will be taken care of by switch ACLs.Change pfSense LAN IP to 10.1.1.1/16 with no more VLAN configuration.Probably also continue using this as the DHCP server, as well, as I have alot of persistent MAC-IP bindings. I want to continue using pfSense as the internet gateway router (NAT),WAN firewall, and VPN tunnel. All 4 switches have L2+ static routing features.īased on no personal experience, I want to run my ideas by you fine folks and get your feedback and corrections. 2x GSM7228PS switches make up the rest of the network for security cameras, client end points, and UAPs. 1x GSM7328S is in the rack for 1GbE connectivity. 1x XSM7224S (24x 10G SFP+) is the core switch. I have 4 Netgear switches in a 2-Teir design. Running a 10GbE network now, I think offloading as much inter-VLAN routing to the switch would be ideal.right? I currently have a pfSense custom box as my main NAT router, firewall, gateway, and DHCP server using VLANs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |