
Two Gateways in same network with VLANs (LAN / WiFi Guest)

janakackv
Level 1

Hi all,

We have a requirement to design a network for 800+ network devices (PC/Laptop/Phones). Here is the idea in detail; I need to plan the required hardware for it for evaluation purposes.

1. The Ethernet LAN is the trusted network and WiFi is untrusted, for guests' internet usage. (Logically separated by VLANs, but using the same physical network.)

2. WiFi users are restricted from accessing the Ethernet network, and wired LAN users are permitted to see both logical networks.

3. We will have 2 internet connections for the wired and WiFi networks, and these 2 networks should each be routed only to its own gateway. (1 internet connection for wired and the other internet connection for wireless guest users.)

4. The wired network needs to be protected by a firewall, and client-access VPN access will be granted.

5. All switches should be PoE, and WiFi access points will not be bought at this time.

 

Please be kind enough to share your advice with me on buying the required Cisco hardware and planning accordingly.

Thanks in advance

KIT

 

5 Replies

Leo Laohoo
Hall of Fame
We will have 2 internet connections for the wired and WiFi networks, and these 2 networks should each be routed only to its own gateway.

This, by far, is the dumbest solution I've ever heard.  The solution architect needs to be taken out the back and shot.  

We have a requirement to design a network for 800+ network devices (PC/Laptop/Phones).

5. All switches should be PoE, and WiFi access points will not be bought at this time.

The two statements self-contradict themselves.  

 

Let me get this straight ... You want a solution for wired, wireless and VoIP.  But you won't buy wireless access points.   You have TWO WAN links, one for wired and one for guest access, and you want both to have one logical LAN network?  

 

Ummmmm ... let me just say ... Who is the "hack" who designed this?  It just doesn't make any sense.  

I mean the WiFi user VLAN should be routed via the 1st ISP internet connection when they need to browse the internet, and the wired VLAN should be routed to the internet via the 2nd ISP internet connection.

When it comes to local access (file/print sharing), wired users have full access to both networks, but WiFi users shouldn't be able to access wired network resources.

So my question is: what are the Cisco switch models (core layer and edge) and firewall model that can handle and be configured for this type of requirement (800+ users) and power up Cisco access points?

Regards

KIT

I mean the WiFi user VLAN should be routed via the 1st ISP internet connection when they need to browse the internet, and the wired VLAN should be routed to the internet via the 2nd ISP internet connection.

This method is "old school".  You can enable traffic shaping policy to say wired users use full speed and guest users are shaped to 512 kbps.  

 

If your solution architect still insists on doing the "old school" method, then why don't you just separate the network altogether?

When it comes to local access (file/print sharing), wired users have full access to both networks, but WiFi users shouldn't be able to access wired network resources.

ACL can do this. 

So my question is: what are the Cisco switch models (core layer and edge) and firewall model that can handle and be configured for this type of requirement (800+ users) and power up Cisco access points?

You left out the part about your WAN speed.  What is your budget for all this setup?    What kind of PoE switch are you looking for?  24- or 48-port?  What kind of VoIP are you looking for?  What PoE do you require?  PoE?  PoE+?  uPoE?

 

By the way, your "solution" looks very familiar.  Like, I've seen this in a school project before.  Funny.  
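
Added example, not part of the thread: one way the per-VLAN internet routing and the ACL restriction discussed above could look on an IOS router doing inter-VLAN routing on subinterfaces. The VLAN IDs, subnets, interface names, next-hop addresses and ACL/route-map names are all assumptions.

```cisco
! Constructed example: every VLAN ID, subnet, interface, next hop and
! ACL/route-map name here is an assumption, not a value from the thread.
! VLAN 10 = wired 10.10.0.0/22, VLAN 20 = guest WiFi 10.20.0.0/22.
! The two ISP routers are assumed reachable on two further routed ports.
!
! Guest ACL: first match wins, so the order of entries matters.
ip access-list extended GUEST-IN
 remark DHCP requests from guests
 permit udp any eq bootpc any eq bootps
 remark replies to TCP sessions opened from the wired side (ACK/RST set)
 permit tcp 10.20.0.0 0.0.3.255 10.10.0.0 0.0.3.255 established
 remark ping replies to wired hosts
 permit icmp 10.20.0.0 0.0.3.255 10.10.0.0 0.0.3.255 echo-reply
 remark guests may not initiate anything toward the wired VLAN
 deny   ip any 10.10.0.0 0.0.3.255 log
 remark everything else from guests is internet-bound
 permit ip 10.20.0.0 0.0.3.255 any
!
! PBR match: guest traffic, except traffic addressed to the wired VLAN
ip access-list extended GUEST-TO-INTERNET
 deny   ip 10.20.0.0 0.0.3.255 10.10.0.0 0.0.3.255
 permit ip 10.20.0.0 0.0.3.255 any
!
route-map GUEST-VIA-ISP1 permit 10
 match ip address GUEST-TO-INTERNET
 set ip next-hop 192.0.2.1
!
interface GigabitEthernet0/1.10
 description Wired LAN (trusted)
 encapsulation dot1Q 10
 ip address 10.10.0.1 255.255.252.0
!
interface GigabitEthernet0/1.20
 description Guest WiFi (untrusted)
 encapsulation dot1Q 20
 ip address 10.20.0.1 255.255.252.0
 ip access-group GUEST-IN in
 ip policy route-map GUEST-VIA-ISP1
!
! Everything that is not policy-routed (the wired VLAN) leaves via ISP 2
ip route 0.0.0.0 0.0.0.0 198.51.100.1
```

The `established` keyword only tests TCP flags and is not stateful, so wired-initiated UDP to guest devices gets no replies through this ACL; a stateful firewall between the VLANs is the stricter option.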

This comes from a hotel, to manage their conference room internet activity when they have events. Even if it's like an old-school type to you, I think it's a normal requirement from such a place to give a faster internet connection to guests and secure internet access to staff.

We can't separate the network since it will double the hardware requirements (switches) and cabling, manageability, etc.

24-port PoE switches will be enough. Internet speed will be two 12 Mbps ADSL connections (ISP will provide routers).

My main concern is about a suitable core layer switch that supports policy-based routing to achieve this.

Thanks for the posts, but I didn't see any answer or any useful suggestions!

 

Regards

 

You will need a router that can support 25 Mbps (two 12 Mbps WAN links) as well as a minimum of three routable ports.  The "smallest" contender is the 2911.  Remember, if you require the bandwidth to be upgraded, you'll need to upgrade the router too.  So if your client can see the potential of a bigger bandwidth in the future, better get a bigger model than feel the pain later.

 

If you want a low-cost 24-port switch, then WS-C2960S-24PS-L or WS-C2960X-24PS-L.

 

I can't give you any useful info about your "core switch" because you didn't provide any relevant and useful information.  Draw a diagram about how this setup is.  

 

What kind of core switch are we talking about?  Fibre?  Copper?  What kind of servers are present (list them all down).  Without any kind of network diagram, it's hard to recommend anything.