• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 68
  • Last Modified:

Network Design of new equipment

Hello,

I
This is my equipment:


1x Fortigate 200B
1x Cisco 2960S-48Port-POE(VLAN 1, VLAN 2)
1x Cisco 2960S-48Port (VLAN 1 Only)
1x Dlink 24Port-Poe(VLAN 3)

VLAN1 - Clients / Computers VLAN
VLAN2 - Phones (IP) VLAN
VLAN3 - Camera VLAN

according the info, how should i setup the equipment? What is the best way and the way will give me best results.
note that all the vlans can not communicate which one and another.

1) First option
Every switch is connected to Fortigate by 2X(Copper) via LACAP

2) Secound Option

Fortigate 200B to Cisco 2960S-48Port-POE by 2XLACP

then Cisco 2960S-48Port-POE to Dlink and Cisco 2960S-48Port


thanks.
0
yairge
Asked:
yairge
  • 2
  • 2
1 Solution
 
StolsieCommented:
Hi
To prevent coms that will be easy as you are using the firewall as your router.
I would do it like this:
fortigate=
Int 1-2 -> 48port PoE = gateway for VoIP address
Int 3-4 -> 48port         = gateway for client address
Int 5-6 -> 24port         = gateway for CCTV

48poe = ports 47-48 LACP to FortiGate only vlan 2 untagged/native + ports 45-46 trunked/grouped native vlan 1 to the std48port.

48std = ports 47-48 LACP to FortiGate only vlan 1 untagged/native + ports 45-46 trunked/grouped native vlan 1 to 48poe.

24= port 23-24 to FortiGate only vlan 3 untagged/native.

And then in the firewall don't add rules for the interfaces to communicate between each other and them wont
also don't forget to set a quality of service on the VoIP vlan if you plan on having voip and client on one cable.
0
 
yairgeAuthor Commented:
Hello,

Thanks,

What do you mean by "don't forget to set a quality of service on the VoIP vlan if you plan on having voip and client on one cable."

I currently have the Asterisk Server and VoIP Phones on the same VLAN(VLAN2), do i still need QOS then ? because the only data on that vlan is VoIP VLAN
0
 
StolsieCommented:
Most cases you will have a VoIP phone and then a desktop going to that and if you do you will need to set a quality of service or the data will be treated as FiFo (first in First out) and VoIP need to have a higher preference.
But if you stick to what i recommended there is no mixing of vlans or data so there should be no need for QOS.
0
 
yairgeAuthor Commented:
thank you!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now