Saturday, September 28, 2019

Will VLANing 100% isolate traffic in this scenario?

So without getting too far off in the weeds here - I have two locations. Site A and Site B.

A switch at Site A has a direct run of fiber 1 mile to Site B.

I’ll be introducing public WiFi at Site B. I’ll be using client isolation on the public WiFi SSID, as well as tagging all traffic on that SSID with, say, VLAN500.

The AP will be connected to the core switch. Port will be an access port on VLAN500.

The uplink port on Site B’s switch will obviously be a trunk port passing all VLANs. It will trunk all traffic back into Site A, where I will configure another port on Site A’s switch as an Access Port on VLAN500, which will then go to a separate firewall.

Is there any risk whatsoever of compromising the internal LAN? I’ll have some extremely sensitive data on the internal network that shares the same switch to get back to the internet at Site A.


