Saturday, December 14, 2019

In need of new Network Topology advice

Hello everyone,

I'm a novice network/sys administrator out of college as of 7 months ago. Me and my IT manager are in charge of facilitating our move to a new building from a network construction perspective. There are around 35 employees, maybe less, so it's not a huge deployment. We plan on feeding VLAN 16/32 for Data and VLAN 64 for VOIP to the Polycom phone and then using the second port on the phone for the internet to the MacBook. That way we save an extra port on the Cisco switches for each workstation.

I've made an initial network diagram, using the network gear that is available to us. Here is a link to it, I'd love some feedback from you experts if something like this is feasible at least. I also have some initial questions:

  • Where inter-VLAN routing should be done if at all? Is it possible to do it on the firewall level?
  • Where should DHCP be handled, on the firewall? IPs for .16 and .32 and .64 need to be provided on some level.
  • Is it possible to route multiple VLANs on one Firewall port? I would love to have those two Cisco switches connected to one "LAN" port on the FortiGate/Meraki
  • Should the two Cisco switches be daisy-chained? What would be the proper way?
  • For the access-port side of the Cisco switches (To the phone), Since VLAN 16,32, and 64 will be used, the ports facing the phones need to be trunk ports correct?
  • What's the best way to assign VLANs to the ports? Just segment some ports for the developers (VLAN 32), and then VLAN 16 for the corporate employees?

I really appreciate the help. I can provide whatever info or additional context that is needed.



No comments:

Post a Comment