Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
709
Views
0
Helpful
1
Replies

Is it safe to run out of band network on my vm servers sitting in DMZ

carl_townshend
Spotlight
Spotlight

‎12-12-2012 08:33 AM - edited ‎03-07-2019 10:34 AM

Hi all

A quick question,

I have some vmware sitting in my DMZ on plublic ip addresses, At the moment we have no management to them.

I do not want to put the management addresses on public ip addresses so I dont have to waste them.

is there any way around this ? ie give them a internal address that sits on my DMZ switch with a connection on that VLAN to my LAN, Or is this too Dangerous ?

cheers

Carl

Labels:
0 Helpful
1 Reply 1

stubinski
Level 1
Level 1

‎12-12-2012 09:47 AM

Hi,

There is no harm in having the management interfaces directly connected to your LAN if they only are used for management purposes (vsphere), and I wouldn't use public IP's for management purposes. 

However, I prefer to keep my DMZ switch network physically separate from my internal LAN so I would either plug the management ports directly into a internal lan switch or create a subinterface and all the ACL's that come with this setup on my firewall and treat it as a higher security level DMZ.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card