New job and I just discovered that the VPN appliance is connected to one of the access switches. But all the SVIs are on the DMZ (also acting as a core switch). See current topology here My question is why is the VPN connected at the access switch? Wouldnt it be better if it was on the distribution switch or even on the DMZ/core?
For instance if VPN users wanted to access the BKUP SVRs, that means traffic will go all the way back to the DMZ (where the SVIs) are and then back to the access switches again.
What would u recommend? And why?
No comments:
Post a Comment