juniper netscreen 5gt vlan tagging

cellulant (Kenya) asked:

hello experts,

I am using a netscreen 5gt in trust - untrust mode.
It's indicated that it can support at least 10 VLANs. I have some VLANs communicating, but I want all my data to go through the netscreen 5gt. If I configure the link from my catalyst to the netscreen to be a trunk, does it understand tagged data packets?
myswitch <=================>netscreen 5gt firewall <====================>clients switch



Last comment: mikebernhardt, 8/22/2022 - Mon

mikebernhardt

You cannot pass the vlan tags across your firewall. The purpose of the 802.1q support is to allow the firewall to connect to multiple subnets over 1 physical connection. After that it's Layer 3 only through the firewall policy.
mikebernhardt

The way to do it I guess is to set up a bunch of routes in the firewall so it knows which logical interface is the destination for the various traffic. But it all gets "mixed" once it is inside the firewall.
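To make the description above concrete, here is an added configuration sketch (editor's illustration, not the accepted solution on this page and not the asker's or mikebernhardt's configuration). It assumes ScreenOS on a 5GT whose physical "trust" interface faces the Catalyst trunk, supports subinterfaces named trust.1, trust.2, and accepts the `set zone <zone> block` command; VLAN IDs, addresses and names are made up.

```text
# --- Catalyst side (IOS, assumed port gi0/1 faces the firewall) ---
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20
 switchport trunk native vlan 99        ! untagged frames land in an unused VLAN

# --- NetScreen 5GT side (ScreenOS) ---
# One logical interface per tag on the trunk: this is all the 802.1q
# support does. Tags are stripped here; nothing leaves the box tagged.
set interface trust.1 tag 10 zone trust
set interface trust.1 ip 10.10.10.1/24
set interface trust.2 tag 20 zone trust
set interface trust.2 ip 10.10.20.1/24

# Untagged link toward the clients switch.
set interface untrust ip 192.168.1.1/24

# Routes tell the firewall which logical interface reaches a network
# that sits behind a router on a given VLAN (made-up example).
set route 10.10.30.0/24 interface trust.1 gateway 10.10.10.2

# Weak form (implied by the defaults above): trust.1 and trust.2 share the
# zone "trust", and intra-zone traffic is forwarded without a policy, so
# VLAN 10 and VLAN 20 "mix" at Layer 3 inside the firewall.
# Hardened form: block intra-zone traffic, then permit only what is needed.
set zone trust block
set address trust "vlan10-net" 10.10.10.0/24
set address trust "vlan20-net" 10.10.20.0/24
set address untrust "clients-net" 192.168.1.0/24
set policy from trust to untrust "vlan10-net" "clients-net" any permit log
set policy from trust to untrust "vlan20-net" "clients-net" any permit log
set policy from trust to trust "vlan10-net" "vlan20-net" any deny log
save
```

Separation between VLANs is therefore a policy decision on the firewall, not something the tags carry through it; `get policy` and the log entries from the `log` keyword are the places to check that the deny is actually taking effect.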
cellulant (asker)

How can I make these VLANs not "mix"? Does the mixing mean that there is a kind of data insecurity?
If I configure the link to the firewall as a trunk, does my switch still communicate with the switch on the other end?
How can I bring in the idea of native VLANs in such a situation?
ASKER CERTIFIED SOLUTION
mikebernhardt

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.