Finally was able to finish this simple config. To get a simple access port/trunk configuration working. Now I need some help with locking down the VLAN filtering. Any links on a good way to make sure it is locked down?
Also getting a CRS504-4XQ-IN to drop in and do stateful firewall/routing offloaded to HW as well.
Question is should i do a one-leg model for just those VLANs that I am wanting to route/firewall or should i put it inline prior to my Firewalla firewall which with this current config is the next hop and is serving up DHCP & DNS.
Options:
1) one-leg ---- Internet->Firewalla->CRS326-24G-2S+RM(L3HW VLANs)
|(2x40GB -QFSP+)
CRS504-4XQ-IN(Routing/Firewall-HW-Offload)
2) inline - Internet->Firewalla->CRS504-4XQ-IN(Routing/Firewall-HW-Offload)->(2x40gb-QSFP)->CRS326-24G-2S+RM(L3HW VLANs)
Thanks
Also getting a CRS504-4XQ-IN to drop in and do stateful firewall/routing offloaded to HW as well.
Question is should i do a one-leg model for just those VLANs that I am wanting to route/firewall or should i put it inline prior to my Firewalla firewall which with this current config is the next hop and is serving up DHCP & DNS.
Options:
1) one-leg ---- Internet->Firewalla->CRS326-24G-2S+RM(L3HW VLANs)
|(2x40GB -QFSP+)
CRS504-4XQ-IN(Routing/Firewall-HW-Offload)
2) inline - Internet->Firewalla->CRS504-4XQ-IN(Routing/Firewall-HW-Offload)->(2x40gb-QSFP)->CRS326-24G-2S+RM(L3HW VLANs)
Thanks
Statistics: Posted by tdampier — Sun Jan 28, 2024 11:57 pm