Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
If you have a router on the outside of the Concentrator with good ACL's then I would stick to design 1. I don't think you will really benefit from any added security from the Checkpoint in this case. Kudos to having the inside interface connected th...
I also agree with using the 3750's. With those switches you will get layer 3 capabilities that the 2900 series switches do not have. That way you can create Switched VLAN Interfaces and have segmented networks.
Sorry, I thought you were talking about EMI vs. SMI.L3 to the access is something that we thought about but decided against. It gets a little deep and there were a number of arguments for and against but it really came down to management. For User ...
SMI code only allows for static routes and RIP. EMI allows BGP, OSPF, and EIGRP. It is also a lot more for the code but well worth it when looking at a L3 network.
If you are running EMI code on the 3750's I do not think it would be an issue. Keep in mind that you will only have a total of 4 fiber connections from the core. The distribution layer is exactly where you want to place your 6500's with the FWSM and...
