09-24-2012 06:23 PM
At my place of employment we've implemented a couple PAN-2020s in HA and have defined about 6 to 8 networks 1 attached to 1 physical port in a L3 configuration. We have cables running to a switch that each are untagged with different vLAN ID's (LAN = Default_VLAN, DMZ = DMZ_VLAN, etc). The vLAN'ing is done on the switch (HP ProCurve 2810-48G) and other ports are tagged and represented to VMware hosts.
PAN --> HP 2810-48G ==< VMware HOSTs
I have a few open ports, but am needing to create about 3 more networks to use and have quickly run out of physical ports.
For those of you who have done this, or any PAN techs helping out here, what is the best practice for implementing vLANS in this type of environment. I've seen some example of L2 configurations as well as L3 and I am a bit confused on what is best.
What is the best way to make a handful of physical ports aggregate on the firewall to present those vLANs to the switches, and then to the VMware hosts without doing that over just one cable? Do I need to configure the vLANs on the switch as well and tag those ports?
I realize these are a lot of questions - unfortunately the project was escalated a few months ago and I did not get sufficient time to design this out, so it's made it hard to design well, and I have some opportunity to implement changes before this environment goes 100% into production. So I don't have quite the liberty to test this out.
Am I on the right track with this document?
Thanks for all your help!
09-24-2012 08:06 PM
For terminating multiple VLANs on the same physical interface, multiple tagged sub-interfaces should be created
09-25-2012 04:08 PM
Can you aggregate these across interfaces?
09-25-2012 04:12 PM
09-25-2012 04:46 PM
Yeah,this configuration was accepted by the firewall.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!