Sunday, January 5, 2020

Really dumb question about simple architecture.

Hey Networking!

I've been doing general IT for about 7 years now, a big part of my job is networking as I'm the only person at my company with any networking knowledge (I'm somewhere around just below CCNA level of functional knowledge). But I have what I feel is a very stupid question that I already know the answer to.

We have a couple of small offices with very simple setups. Topology below:

Internet > Firewall (acting as router) > Switch 1 (L2) > Switch 2 (L2)

The switches here are daisy chained so to speak, so switch 2 has no uplink back to the firewall, but I'd like to add one for redundancy purposes (if even possible). The firewall's (Palo Alto) inside interface is configured with layer 3 subinterfaces connecting to switch 1's trunk port. I find myself a bit perplexed about how to connect switch 2 back to the firewall, in terms of the firewall's interface configuration for that connection.

I'm mainly concerned with the layer 3 configuration here. The subnet for the new interface on the firewall that connects to switch 2 would have to be a different subnet than the one already configured on the uplink to switch 1. I don't think the firewall will even let me configure an interface with a subnet that overlaps with an already existing subnet on another interface. I can only imagine the routing implications with something like that, and this whole thing doesn't seem possible because the clients will already be on a different subnet/VLAN than the backup uplink.

So is this even something that can be done? If I had a layer 3 switch to add in between the firewall and switches I know I could accomplish this, but I'm wondering if this is even possible with only L2 switches.

Thanks in advance!
