Wednesday, December 4, 2019

I've been given a silly task. I'm pretty green and I feel like this may be above me. (Overlapping networks and Fortigate VDOMs and I'm stressed the fuck out)

There are two remote networks. They are physically in one location, but for regulation-dodging reasons, they are separated physically. Both networks are on an overlapping /16 network. One is connected to a Cradlepoint cell modem (no firewall). The other is connected as such: Cradlepoint > Fortigate > /16.

I've been told to connect the two networks to the same Fortigate firewall they already have, but prevent the two overlapping networks from communicating...

The only way I can see this working is if I split the Fortigate into two VDOMs. If I give each VDOM one of the Cradlepoint modems, I should be able to keep those two networks entirely separate.

Please don't bash on me for this situation. I had nothing to do with this and my company has been brought in to clean things up.

Our CEO doesn't say no and I'm in my first professional level position in my career. We're an MSP and that should probably tell you a lot.

Edit: went on a rant and forgot to ask... Does this sound like a good solution to you guys? Am I missing something? Is there something better I can do? My biggest concern is killing my connection to the management plane. My only access to the firewall is through a port forward on one of the Cradlepoints.

Thank you.
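As an added example (not part of the original post, and not taken from the poster's firewall), this is the FortiOS CLI skeleton of the VDOM split the post describes: two VDOMs, each owning one Cradlepoint-facing port and one LAN port, with no shared interface and no vdom-link between them. The VDOM names, the interface names (wan1, wan2, port1, port2) and the 10.0.0.0/16 address are assumptions and constructed values; the post gives none of them. The `allowaccess` line on the WAN port that sits behind the port-forwarded Cradlepoint is the part that protects the management path the post is worried about, so it belongs in the same change as the VDOM assignment, not afterwards.

```fortios
# Switch the unit to multi-VDOM mode (FortiOS 6.2+ syntax; older releases use
# "set vdom-admin enable" under "config system global" instead).
# Keep an out-of-band path (console or the Cradlepoint port forward) ready for this step.
config system global
    set vdom-mode multi-vdom
end

# Create one VDOM per site. Each VDOM has its own routing table, so the two
# overlapping /16 networks never coexist in a single table.
config vdom
    edit "vdom-siteA"
    next
    edit "vdom-siteB"
    next
end

# Interface assignment is a global setting. Every port is placed in exactly one
# VDOM; no port and no vdom-link is shared, which is what keeps the sites apart.
config global
    config system interface
        # Site A: Cradlepoint A on wan1, LAN on port1.
        # wan1 is the port reached through the existing Cradlepoint port forward,
        # so management protocols stay enabled here (assumption: wan1 is that port).
        edit "wan1"
            set vdom "vdom-siteA"
            set mode dhcp
            set allowaccess ping https ssh
        next
        edit "port1"
            set vdom "vdom-siteA"
            set ip 10.0.0.1 255.255.0.0
            set allowaccess ping
        next
        # Site B: Cradlepoint B on wan2, LAN on port2.
        # The same 10.0.0.0/16 (constructed value) is legal here because it lives
        # in a different VDOM.
        edit "wan2"
            set vdom "vdom-siteB"
            set mode dhcp
            set allowaccess ping
        next
        edit "port2"
            set vdom "vdom-siteB"
            set ip 10.0.0.1 255.255.0.0
            set allowaccess ping
        next
    end
end
```

Firewall policies, DHCP and NAT are then configured per VDOM (`config vdom` / `edit "vdom-siteA"` / `config firewall policy` ...) and only reference that VDOM's own interfaces. The check after cutover is simple: from the global scope, `diagnose sys vd list` should show both VDOMs with their ports, and there should be no entries under `config system vdom-link`; as long as that stays true, there is no path for the two /16s to reach each other through the Fortigate.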


