Need a bit of advice about a setup I'm intending on rolling out soon.
Equipment:
Stacked Dell N3000s
WatchGuard M200 (Active/Passive cluster)
Scenario:
I have a heap of new infrastructure coming on board and need to pass multiple VLANs to our firewalls instead of inter-VLAN routing.
I've created all the VLANs on the WatchGuards, created a Link Aggregation that uses all the VLANs and assigned it to two interfaces (for the dual link throughput).
From the switches I've created two port channels:
PO30 TE1/0/44 & TE1/0/45 (these will plug into ETH3 of WG1 and WG2)
PO31 TE2/0/44 & TE2/0/45 (these will plug into ETH4 of WG1 and WG2)
The concept is that the port channels will trunk all the appropriate VLANs that have already been set up (50-60) with a port channel to the WatchGuards.
I've set up routes for these VLANs to route to the IP address of the VLAN on the WatchGuard (the gw address), e.g. Vlan 50 ip route 0.0.0.0 0.0.0.0 10.0.50.254 50. The VLAN on the WG has 10.0.50.254 as its IP address.
Can you foresee any issues with this topology?