No, they are unmanaged switches. Ones just an 8 port linksys and the other is a Dell connect, unmanaged. Just plain switches.

Beuller? Beuller????

Yeah, not going to go with unsecure, "not recommended". I looked on ebay at the 2950 switchs. Seems to be a mass of really cheap stuff. There must be a reason?

Are there any Cisco Reps here that chime in for the advice?

It's just a small business so i dont need to be spending 10,000 on switches. Looks like Vlans is the option.

So I suppose I would need 2 switches that will do the vlan config? (I looked at the Dell PowerConnect 3524 Switch)

Then I suppose I may ask what that would look like (I'll have to study up on vlans) Just plug the dmz and the lan ports into the switch and it securly controls the flow over to the other switch?

Anyway, thanks for chiming in Elton!

Burr

Thanks Elton,

    Yeah, the SA 500 is our firewall device. Controlling a VPN. Internally, I just need to get the DMZ up to the other room without running another wire (running another wire is optimal, just less optional).

I didnt originally care for the juniper stuff I looked at, thats why we got the SA 500. But not opposed to it now.

Elton Babcock wrote:
    Any switch that is manageable and do VLANs is ideal in my opinion.

Yeah, that sounds like it. I just need to start the research on what all that means, why and how, so i buy the best option for us.

Maybe someone that knows the SA 500 and looks at what i am trying to do can suggest the 2 switches from Cisco?

I suppose the real roadblock for me is if the suggestion is 2 x 2000 dollar switches.

Maybe just 1 more SA 500 on the other end, and uplink those? Then just expand the lan with the switches from those?

Elton Babcock wrote:
As for the question about how VLANs can be security transferred to another switch over the same cable is through 802.11q tagging.

The switch basically adds tags to the packet and the downstream switch is configured to read those tags and forward them onto the appropriate VLAN.

This only happens on what are called trunk ports.

Very cool. I'll read on those tonight. Probably browse through the SA 500 docs on it's Vlan capabilites to see if that sheds light also.

Thanks Elton

Yes, thats it:

You can configure the "optional port" to be the DMZ and it will create the seperate "172 range" internal network, which is unfiltered and unsecure, and pump everything out the WAN port. It will do the vlan stuff. Again, i just need some study and understanding.

So I need to run the optional port and the LAN prts to the other room over a single wire, maintaiing the seperation and security of the 192 and 172 lan configs.

Still dont know how to configure the SA500 well for Vlans. Reading and maybe a couple questions.

That sounds like it Elton. So I need "2 managed switches" capable of doing vlans.

You directed me to "Cisco 2950 switches" which are pretty cheap on ebay. Noting that the SA500 is roughly a $500.00 device, what would be some switches from Cisco i should look at? You mentioned the "The 2960 and 2960S series" and I havnt looked at those yet, but intended to a little later. The Dell (Juniper?) ones are around 299.00.

Thanks again Elton. You're getting me on the track I need to be!