Friday, March 12, 2021

Link between Firewall and Core Switches

We will soon be deploying some core switches.

When going upstream (towards the outside) from the core L3 switches to a set of firewalls, I'm unsure if the links between the firewalls and core switches should be routed or access ports.

We currently do not have any core L3 switches, and have been using the firewalls for routing purposes. The links between the firewalls and our current switches (L2) are access ports. Note that we are restricting external traffic to a unique VLAN (e.g. VLAN 10). In other words, VLAN 10 is the only VLAN that is subject to routing, so switchport access vlan 10 is set on the interfaces directly connected to the inside interfaces of the firewalls.


