I have a network that I am running VOIP to a VSP using Polycom 301 VOIP phones with a flavor of Asterisk. For voice quality, I would like to use 2 different VLAN's, one for voice and the other for data. The data VLAN is untagged, while the voice VLAN is tagged using an HP Procurve 2650 switch.
I have 2 different ISPs, Covad with 2 T'1's into a Samsung IBG2006 router and a Comcast cable modem. I would like to use the T's for VOIP only and the cable modem for data (mostly web browsing, email from a hosting provider, etc- no service hosting here!). Of course the static IP's from my providers are on 2 different subnets.
The issue that I have is that I have a single Cisco PIX 506E v6.2 using that I would like to use with BOTH ISP's and BOTH VLAN's. I know that the PIX does not support subaddressing with this OS.
My question is can I use the switch to do the routing from the VLAN's and the ISP's for me? If so, can anyone suggest a config that would work?
I was thinking about making 4 VLAN's: 2 for my internal network, voice and data (lets call them 1 and 2), and 1 for each of the ISPs CPE (lets call them VLAN's 3 and 4), connect the ISP's ethernet handoffs to the switch, and use the switches routing functions to route traffic to the 2 ports on the switch that are reserved for the PIX. Of course the ports for the ISP's ethernet handoffs would have to be untagged, with every other VLAN set to "forbid" (as I dont think that I can get the Comcast SMC modem to do VLAN tagging, and would rather no mess with the Covad router if possible). I would then make the port that the PIX's inside interface a hybrid of VLANs 1 and 2, while the outside interface is connected to a hybrid port consisting of VLANs 3 and 4.
I think that this hair brained scheme will work, I just need to figure out if I can do this with the switch's routing funtionality, and the best way to do the routing. I know that this isnt the best way to do this, but hey, I'm on a very tight budget here. Thanks for your help.