05-19-2004 12:46 AM - edited 03-02-2019 03:47 PM
I'm looking to set up a test environment in order to test network security, and in particular to set up a port-based VLAN.
Could anyone recommend Cisco hardware that would support the following:
24-port switch to be set up as 24 segmented port-based VLANs (this is to prevent PCs plugged into each port on the switch from accessing other PCs plugged into the switch). The switch needs to be able to provide DHCP addresses to PCs plugged into the switch.
DSL router which will connect to the switch and provide the gateway to the internet for the PCs plugged into the switch; firewall capabilities are required.
I have looked at the Cisco 2950-24 switch and the Cisco 2600 Multiservice platform router, but from what I have read I am not sure which models to purchase and whether they support what I am trying to set up.
05-19-2004 02:26 AM
You need PVLANs, or private VLANs. This way you will save a lot of IPs. You can also try the Cisco 3550-24 switch.
Hope this helps.
05-19-2004 07:08 PM
To answer your question, the key is your definition of preventing PCs plugged into each port on the switch from accessing other PCs plugged into the switch.
Since the purpose of a VLAN is to break up the broadcast domain, rather than to prevent hosts from accessing each other, with a router such as a 2600 different VLANs still have a logical connection; for example, they are able to ping each other, and so on.
05-20-2004 11:10 AM
I think a 2950-24 with protected port configuration would be perfect for what you are trying to do.
As far as the DSL router, the Cisco 827 4-V or 837 will provide the DSL interface and Ethernet interface you need, along with full Cisco IOS, NAT, IOS Firewall, and VPN.
http://www.cisco.com/en/US/products/hw/routers/ps380/
Dan
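
The protected-port setup suggested in the post above, sketched as an added example that is not part of the original thread. The port numbering and the choice of FastEthernet0/24 as the uplink to the DSL router are assumptions.

```cisco
! Constructed example for a Catalyst 2950-24; interface numbers are assumptions.
!
! Access ports for the PCs. A protected port does not forward any
! unicast, multicast or broadcast traffic to another protected port
! on the same switch, so the PCs cannot reach each other at Layer 2.
interface range FastEthernet0/1 - 23
 description PC access port (isolated from other PCs)
 switchport mode access
 switchport protected
 spanning-tree portfast
!
! Uplink to the DSL router. It is deliberately left unprotected:
! protected ports exchange traffic normally with unprotected ports,
! so every PC can still reach its gateway.
interface FastEthernet0/24
 description Uplink to DSL router (gateway)
 switchport mode access
!
! Check the result on an access port; the output should include
! "Protected: true".
! show interfaces FastEthernet0/1 switchport
```

Protected-port isolation applies only between ports on the same switch, and it does nothing about traffic the router sends back down the uplink, so the router must not forward PC-to-PC traffic out the interface it arrived on.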
05-30-2004 02:36 AM
A 3550 will best serve your needs, as it can provide the DHCP server functionality as well as the PVLAN or VLAN requirements. I don't believe the 2950 can offer DHCP server functionality.
My take is you'll need PVLANs that will access only the routed port, that being the DSL router.
The switch won't provide firewall services, but your DSL modem most likely will.
nick