Cisco ASA, HP Procurve 2910 VLANs
I have a Cisco ASA 5510 as a firewall. The main network switch is HP Procurve 2910. I need to set up 4 Vlans. Both the Cisco ASA and the Procurve 2910 have vlan/routing capabilities. Which device is most appropriate setup the vlans on? The attached image has a little more detail.
vlan-desc.JPG
vlan-desc.JPG
Do more with
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
The Procurve 2910 is a L3-switch and capable of doing simple routing fast. The ASA as far as I remember only has 4 interfaces, but has more advanced rule-set.
So my 2 cent: Make the vlans and the vlan-routing on 2910 and the inside/outside/dmz routing on the ASA.
So my 2 cent: Make the vlans and the vlan-routing on 2910 and the inside/outside/dmz routing on the ASA.
I agree with jburgaard, but would add in that the guest vlan should go to the Asa for layer 3 routing/firewall. All other vlans should use the 2910 for routing.
I would agree with rauenpc, use the L3 switch as the defult gateway for all internal networks, and DMZ or Guest networks should terminate on the ASA
The 5510 has 4 ports, if you have the sec-plus licence, ports 0 and 1 are gigabit, ports 2 and 3 are 10/100
As some QoS rules can only be applied to a physical interface, this might affect how you terminate the connections to the ASA.
The 5510 has 4 ports, if you have the sec-plus licence, ports 0 and 1 are gigabit, ports 2 and 3 are 10/100
As some QoS rules can only be applied to a physical interface, this might affect how you terminate the connections to the ASA.
Premium Content
You need an Expert Office subscription to comment.Start Free Trial