Re: Switch w/ VLANs at the Edge Question

---

• From: tman <naves.tom@xxxxxxxxx>
• Date: Tue, 19 Feb 2008 14:02:51 -0800 (PST)

---

On Feb 19, 11:57 am, Trendkill <jpma...@xxxxxxxxx> wrote:

On Feb 19, 12:56 pm, tman <naves....@xxxxxxxxx> wrote:

I have several switches in my public network each connecting two or
three devices on seperate networks.  I thought it would be a good idea
to consolidate them into one switch with a VLAN for each network with
no interVLAN routing.  I can't find any information that I can
understand.  I was wondering if anyone does this and how to make it
secure.

Thanks.

Essentially you are talking about creating the vlans centrally, using
VTP to propagate out the VLANs, using your existing routers to service
those networks (or perhaps consolidate those as well to a central l3
switch or router).  This isn't that difficult, and it depends if you
are consolidating onto a catalyst or ios based switch for config
references.  You also would need to control 'security' at the
routers.  If you don't want traffic between subnets, you'll need to
ensure that you aren't advertising the networks between you routers,
or you have access-control lists if you are routing centrally.

My plan is to use one switch that has one VLAN to connect every pair
of devices. Each pair of devices is in on a separate network. Each
port will be configured as an access port e.g. switchport mode
access. There will be no connections from this switch to any other
switches, thus no need for trunks. I am replacing several small
switches. The switch is a Catalyst switch with IOS.

Your comments will be welcomed.

Thanks
.

---

• Follow-Ups:
  • Re: Switch w/ VLANs at the Edge Question
    • From: Trendkill

• References:
  • Switch w/ VLANs at the Edge Question
    • From: tman
  • Re: Switch w/ VLANs at the Edge Question
    • From: Trendkill

• Prev by Date: 17xx supported ifOperStaus
• Next by Date: Re: Switch w/ VLANs at the Edge Question
• Previous by thread: Re: Switch w/ VLANs at the Edge Question
• Next by thread: Re: Switch w/ VLANs at the Edge Question
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Switch w/ VLANs at the Edge Question ... three devices on seperate networks. ... those networks (or perhaps consolidate those as well to a central l3 ... switch or router). ... My plan is to use one switch that has one VLAN to connect every pair ... (comp.dcom.sys.cisco) Re: Switch w/ VLANs at the Edge Question ... three devices on seperate networks. ... VTP to propagate out the VLANs, using your existing routers to service ... switch or router). ... you can't use one vlan to merge layer 3 networks. ... (comp.dcom.sys.cisco) RE: Layer 3 and Firewall ... Has anyone here actually used VLAN hopping in a pen-test. ... least for me) I found it HEAVILY dependent upon terrible switch ... On networks that didn't have all of that configuration management on the ... If the switch admin is not in sync with the ... (Pen-Test) Re: Auto-sensing for IPS devices ... Auto-Negotiation is essential in larger networks. ... about 1000's of switch ports and PC's connecting/disconnecting ... the ports at whatever they need to be. ... > you MUST set BOTH speed and duplex settings and you MUST set BOTH ... (Focus-IDS) Re: probably an easy routing question, so please help ... plugged into the same gigabit switch as Server B in Block 2 and they ... from a 10Mb link to the router and the computers are both hooked into ... not run out the 10Mb port to the router with all of its traffic, ... nodes in the two networks you don't own. ... (comp.dcom.sys.cisco)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(10)