SonicWall TZ-105 - How to (VLAN) isolate my lab's different Active Directory Forests
I am building my home lab with some decent Hyper-V servers/guests - so potentially plenty of AD forests & domains to come. They should not be able to see each other except, perhaps down the road, I will create cross-forest trusts - but that could be another EE question.
SonicWall TZ-105
Several unmanaged 1GB switches
UBEE Cable Modem
I have 5 static public IP addresses from my ISP.
Internally, I plan to use a /16 10.50.x.x
My question is:
How do I isolate my Active Directory forests via my SonicWall(network)?
VLANs? and if so then how?
SonicWall TZ-105
Several unmanaged 1GB switches
UBEE Cable Modem
I have 5 static public IP addresses from my ISP.
Internally, I plan to use a /16 10.50.x.x
My question is:
How do I isolate my Active Directory forests via my SonicWall(network)?
VLANs? and if so then how?
ASKER
So researching a bit more I believe I am looking for the ability to do Inter-VLAN Routing.
Can my SonicWall do this and if...
...yes: How?
...no: Is there a work around?
Thank you again!
K.B.
Can my SonicWall do this and if...
...yes: How?
...no: Is there a work around?
Thank you again!
K.B.
ASKER
Do I need a switch capable of doing Inter-VLAN routing?
How much is a cheap switch capable of Inter-VLAN routing?
Can I use static routes instead? If so, how?
How much is a cheap switch capable of Inter-VLAN routing?
Can I use static routes instead? If so, how?
> building my home lab with some decent Hyper-V servers/guests
> potentially plenty of AD forests & domains to come.
basically you need a virtual infrastructure to support your coming ADs especially for a multi-forest environment which should require inter-subnet / inter-VLAN / inter-domain communications.
if all your DCs are to be running in VMs (that's commonly the purpose for the lab), then you actually don't need your SonicWALL device for VLAN isolation and routing. you need everything virtual including the central router, firewall and DHCP services.
> potentially plenty of AD forests & domains to come.
basically you need a virtual infrastructure to support your coming ADs especially for a multi-forest environment which should require inter-subnet / inter-VLAN / inter-domain communications.
if all your DCs are to be running in VMs (that's commonly the purpose for the lab), then you actually don't need your SonicWALL device for VLAN isolation and routing. you need everything virtual including the central router, firewall and DHCP services.
ASKER
Thank you for your reply.
I would like vlans with my sonicwall. I have printers, the children's gaming consoles, Mobile devices and workstations, that hook up to the TVs all that I would like to vlan. I understand that I can do VLANs with the virtual inftructure and I appreciate the reply but I would like to do VLANs with the sonicwall if possible.
I would like vlans with my sonicwall. I have printers, the children's gaming consoles, Mobile devices and workstations, that hook up to the TVs all that I would like to vlan. I understand that I can do VLANs with the virtual inftructure and I appreciate the reply but I would like to do VLANs with the sonicwall if possible.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
https://www.youtube.com/watch?v=1C9UoE4TRes
However:
Q: How do I allow access for my laptop via RDP to each of the VLANs?
Q: How do I add my Wireless Access Point to certain VLANs?
For example, I need to be obtain an IP address via DHCP from the SonicWall but use the Wireless Access Point (on a different VLAN?) too. Maybe I am over-thinking it?
...so if my VLANs are for example:
VLAN1 - 10.50.1.x (Network Gear)
VLAN2 - 10.50.2.x (Servers)
VLAN3 - 10.50.3.x (Virtual Guests)
VLAN4 - 10.50.4.x (DHCP)
...static routes? Any help would be much appreciated!
Thank you!
K.B.