Solved: Help with VLAN & Subnet theory

bellaireroad · ‎04-22-2012

Hello, I am adding a barracuda VPN appliance to my network. The appliance must use a class B network (192.168.0.0 255.255.0.0) - and my current configuration is class C (192.168.1.0 255.255.255.0). I am confined to one IP address for the WAN, and using NAT to forward ports for a server. Will need to port forward the barracuda as well.

The router is a cisco 1941 and the switch is a layer 3 - HP 3500 yl..

What would be the best way to add this device?

Thanks

Talha Ansari · ‎04-22-2012

Hi,

I guess the best way should be to connect your router, firewall and servers all in the hp switch. Terminate your wan link on the router. On the servers specify the gateway as the firewall and on the firewall specify the router as the gateway for outgoing traffic. Similarly for incoming traffic specify a route in the router pointing towards firewall. Apply the policies or natting on the firewall.

However, you can use 192.168.2.0/24 or even /30 if only two ips are required rather than going for /16. You may divide the traffic into vlans on the switch level. Hope that helps.

Regards,

Talha

View solution in original post

Talha Ansari · ‎04-22-2012

Hi,

I guess the best way should be to connect your router, firewall and servers all in the hp switch. Terminate your wan link on the router. On the servers specify the gateway as the firewall and on the firewall specify the router as the gateway for outgoing traffic. Similarly for incoming traffic specify a route in the router pointing towards firewall. Apply the policies or natting on the firewall.

However, you can use 192.168.2.0/24 or even /30 if only two ips are required rather than going for /16. You may divide the traffic into vlans on the switch level. Hope that helps.

Regards,

Talha