Any downside to splitting my network up into a bunch of subnets? (i.e. plug each switch into different port on firewall and have its own subnet)
Right now we have perhaps about 10 switches. A mix of 24 and 48 port switches. These are divided into two subnets that are plugged in to two ports on the fortigate...
Our local network is a bit disorganized now though. And I'm considering not daisy chaining our switches at all. Just plug each one into a separate port on the fortigate and then have each one of those set up to DHCP out a different range of IP addresses. Then I can have everyone reboot their PCs and report with their IP addresses so I can get a map of where everybody is plugged in. Any concerns with this? I realize that this means that virtually all of our traffic will be going through the firewall. Though I wouldn't really have many, if any, rules between all the internal lan subnets.
Our network currently is just a hodgepodge daisy chain of mostly 100 meg switches, some of them are consumer grade, and we dont currently have any issues... So I am a bit doubtful our fortigate 100D will buckle...
But just curious if there might be other ramifications I am not thinking of.... Obviously I want to be careful about the printers and scanners and such... but all the PC's and voip phones I think... just reboot, get new DHCP and be on thier way...
Our local network is a bit disorganized now though. And I'm considering not daisy chaining our switches at all. Just plug each one into a separate port on the fortigate and then have each one of those set up to DHCP out a different range of IP addresses. Then I can have everyone reboot their PCs and report with their IP addresses so I can get a map of where everybody is plugged in. Any concerns with this? I realize that this means that virtually all of our traffic will be going through the firewall. Though I wouldn't really have many, if any, rules between all the internal lan subnets.
Our network currently is just a hodgepodge daisy chain of mostly 100 meg switches, some of them are consumer grade, and we dont currently have any issues... So I am a bit doubtful our fortigate 100D will buckle...
But just curious if there might be other ramifications I am not thinking of.... Obviously I want to be careful about the printers and scanners and such... but all the PC's and voip phones I think... just reboot, get new DHCP and be on thier way...
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
One quick question. Is there anything I should look out for when I actually do the reconfigure? We have both Windows and Ubuntu PCs. Basically everyone should just be able to reboot their PC and it will pick up a new address right?
Correct.
ASKER