11-24-2014 12:28 PM
I'm want to make sure I've got this correct. I would like to build a VLAN for DMZ devices that would terminate directly to my FW's. Can the VLAN interface be the network /26 then I could assign each physical port for the DMZ devices to this VLAN? The devices won't need to be tagged, but I'll assign the static IP to the device. I'm trying to eliminate terminating my DMZ devices to a switch then forward the traffic to the FW's. I would rather connect my DMZ devices to each FW. Looking at most documentation it basically discusses tagging the ports and don't really see a config like what I'm proposing. I run the FW's in Layer 3 mode. Will I still need to build Layer 2 interfaces then create one Layer 3 interface to be able to send this traffic out? So far I don't have a need for the devices to talk to each other. I'm essentially just trying to use the FW as a switch. Assistance with this set up is appreciated.
Thank you,
Ted
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
