So - to keep this as simple and straight forward as possible. I bring a dual-hand off for my WAN connections from the data center into a stack of Cisco switches... They land on a L2 Vlan Interface... From there, I have an access port tied to fw etc, on the WAN vlan. Then configure firewall as the L3 router and disperse vlans as necessary for internal traffic.
For a web server... On ESXI, can I just have one network adapter on the same WAN vlan (separate public IP on my subnet), and one on a "DMZ" vlan, that is only allowed to be talked to from a specific subnet, and not vice versa? Or is that a bad idea?
This seems logical for me, but I just want to clarify. Any questions, please let me know.
No comments:
Post a Comment