Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1729
Views
0
Helpful
4
Replies

connect 2 company in L2

Gianluca1981
Level 1
Level 1

‎09-10-2020 12:59 AM

Hi,

our customer have to install in our infrastructure 2 server and 2 switch L2. Their switch should connect to our switch L2/L3

So

Customer Server-->Customer Layer2 Switch-->ISP L2/L3 switch-->ISP Router

On ISP L2/L3 switch we configure vlan and we have trunks to Customer Layer2 Switch

We should enable STP.

 

It is a best practice connect in L2 2 different company ? Any reccomendation or best practise ?

0 Helpful
4 Replies 4

Rob Ingram
VIP
VIP

‎09-10-2020 01:12 AM

Hi,

Any reason why you need to extend Layer 2?|

As you are connecting to a 3rd party I'd recommend placing a firewall in between your network and the 3rd party and permit only the necessary traffic, if you need to be in L2 then you can configure the firewall in transparent mode. This is supported on ASA or FTD.

 

HTH

0 Helpful

Gianluca1981
Level 1
Level 1
In response to Rob Ingram

‎09-10-2020 01:39 AM

thanks Rob.

I received that design in order to rise security concern. we cannot put a transparent firewall.

I think the best solution is make routing between the 2 switch, a bgp session for example.

but which is the the risk related to extend the L2 ? There is any document on that?

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame

‎09-10-2020 02:08 AM - edited ‎09-10-2020 02:08 AM

what kind of Layer 2 Delivery providing by ISP ?

 

if the partner is trusted, and if this is isolated VLAN should be ok( not 100%) , if that is mixing with your VLAN, you need have some secure boundary. If the Switch support you can do Macsec you can run on it if you can.

 

Still i have question is you looking to extended Layer 2 ? and you would like to run BGP ? can you elaborate the requirement.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Gianluca1981
Level 1
Level 1
In response to balaji.bandi

‎09-10-2020 05:40 AM

the partner is a customer (we can define it trusted?).

They come to us with 2 servers and 2 L2 switch (with 10 vlan), we have to interconnect them on a our 2 dedicated layer 2/3 switch that close the L2 and interconnect with router for transport. So the L2 is completely isolated.

I think how to prevent any kind of L2 problems between our L2/L3 switch and their Server+Switch, ie STP, VTP

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card