03-15-2013 04:40 AM - edited 03-10-2019 08:12 PM
I want to deploy CAS inband virtual Gateway mode. My Untrusted Side has 5 vlans so it will defenately be trunk cable to eth1 (Untrusted).
My Question is that can i provide eth1 IP from any of existing vlans or should i create new managment VLAN ans assign new address to eth1 from
managment subnet.
Also help should i also define eth0 as trunk interface as client has existing gateway of firewall and then access DMZ servers. What IP address of eth1 should be assigned. Can eth0 and eth1 have IP's from same VLAN (Subnet). e.g VLAN 90.
03-15-2013 05:34 AM
Sajid,
When deploying CAS in virtual gateway the interface ip is the same ip as the trusted interface. However you will need to assign an unused ip address from all vlans and use that in your managed subnet configuration.
Thanks,
Tarik Admani
*Please rate helpful posts*
03-18-2013 01:40 AM
for untrusted (managed) subnet, i know that. What about the eth1 (trusted) interface. will IP be the same. what vlan it will belong. same vlan as managed subnet.
e.g i have 3 vlans on managed subnet 10.20.1.0 (vlan 51) 10.20.2.0 (vlan52) and 10.20.3.0 (vlan 53) with 24 bit subnet.
i assign 10.20.1.5 (vlan 51) 10.20.2.5 (vlan52) and 10.20.3.5 (vlan 53) to eth0 (managed/untrusted) interface.
can i assign 10.20.1.5 with vlan 51 (same vlan as managed one) to eth1 interface trusted/protected.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide