+ Post New Thread
Results 1 to 14 of 14
Wired Networks Thread, Internet router / VLANS in Technical; SM.png I'm looking at something like this, i'm wondering whether to 1.use the smoothwall(s) as the default gateway for all ...
  1. #1

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15

    Internet router / VLANS

    SM.png

    I'm looking at something like this,
    i'm wondering whether to

    1.use the smoothwall(s) as the default gateway for all vlans
    or
    2.use the x670's as the default gateway and add routing entries for all internal vlans then a default route to the smoothwall

  2. #2

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,252
    Thank Post
    898
    Thanked 1,785 Times in 1,537 Posts
    Blog Entries
    12
    Rep Power
    463
    Use the IP address of the VLAN as the default gateway for each VLAN. On the switch setup a static route with the IP of the smoothwall box.

  3. #3

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15
    you mean 2. use the x670's, this is the direction i have been leaning towards

  4. #4

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,252
    Thank Post
    898
    Thanked 1,785 Times in 1,537 Posts
    Blog Entries
    12
    Rep Power
    463
    Quote Originally Posted by ConradJones View Post
    you mean 2. use the x670's, this is the direction i have been leaning towards
    No in option 2 you said use the IP address of the x670. I mean use the IP address on the VLAN you have configured on the switch.

  5. #5

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15
    sorry i see what you mean. I meant in configuring the routing table on the switch

  6. #6

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15
    interesting NMAP is showing the LA's juniper as this?
    Amazon.com: Webstar DPC2100 Cable Modem: Computers & Accessories

  7. #7

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15
    Quote Originally Posted by FN-GM View Post
    No in option 2 you said use the IP address of the x670. I mean use the IP address on the VLAN you have configured on the switch.
    yes the address of the vlan on the x670???????????????

  8. #8

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,252
    Thank Post
    898
    Thanked 1,785 Times in 1,537 Posts
    Blog Entries
    12
    Rep Power
    463
    Quote Originally Posted by ConradJones View Post
    sorry i see what you mean. I meant in configuring the routing table on the switch
    How do you mean? On the switch you set a static route to point to smoothwall.

    So from a client tracert it would go like this

    Computer > VLAN IP > Smoothwall IP

  9. #9

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15
    Quote Originally Posted by FN-GM View Post
    How do you mean? On the switch you set a static route to point to smoothwall.

    So from a client tracert it would go like this

    Computer > VLAN IP > Smoothwall IP
    ignore that post, i'm tired.

    No in option 2 you said use the IP address of the x670. I mean use the IP address on the VLAN you have configured on the switch.
    yes i mean the ip address of the VLAN on the x670

  10. #10

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15
    still wondering whether to give the smoothwall box an interface on each vlan that needs internet access or route (seperate question to default gateway of device)
    this would save hitting the x670 with having to route internet traffic.

  11. #11

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,252
    Thank Post
    898
    Thanked 1,785 Times in 1,537 Posts
    Blog Entries
    12
    Rep Power
    463
    Thats right (talking about post 9). The IP address on the switch is just for management nothing else.

    I wouldn't do an interface for each VLAN, you wont benefit. Just configure smoothwall with all the IP ranges of your vlans and put the static route on the switch.

  12. #12

    Join Date
    Mar 2013
    Location
    west sussex
    Posts
    519
    Thank Post
    74
    Thanked 26 Times in 26 Posts
    Rep Power
    15
    Quote Originally Posted by FN-GM View Post
    Thats right (talking about post 9). The IP address on the switch is just for management nothing else.

    I wouldn't do an interface for each VLAN, you wont benefit. Just configure smoothwall with all the IP ranges of your vlans and put the static route on the switch.
    thank you, i was coming the same conclusion, especially give the internet pipe is 100mb and the switches are 10gbe. i think smoothwall should get its own vlan then, as it seems a little weird for it to be on one vlan with clients and then the other vlans have to route to get to it.

    tbh i'm thinking out loud as i have limited time "in the building" to set this up and its probably going to playing on my mind until its done, luckily i have one of the smoothwalls at home so I can get that ready then go and "throw it in the rack"
    Last edited by ConradJones; 29th March 2013 at 09:27 PM.

  13. #13

    FN-GM's Avatar
    Join Date
    Jun 2007
    Location
    UK
    Posts
    16,252
    Thank Post
    898
    Thanked 1,785 Times in 1,537 Posts
    Blog Entries
    12
    Rep Power
    463
    I have a premier firewall VLAN as well. I think its the right way to go.

  14. Thanks to FN-GM from:

    ConradJones (30th March 2013)

  15. #14


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by FN-GM View Post
    I have a premier firewall VLAN as well. I think its the right way to go.
    Yes I agree strongly with this. Internet facing devices (and BYOD) should be in a DMZ vlan.

  16. Thanks to CyberNerd from:

    ConradJones (30th March 2013)



SHARE:
+ Post New Thread

Similar Threads

  1. Setting up router for internet connection
    By nicholab in forum Wired Networks
    Replies: 24
    Last Post: 3rd October 2011, 08:59 PM
  2. multiple routers on one internet connection
    By madguitarist09 in forum Internet Related/Filtering/Firewall
    Replies: 7
    Last Post: 19th January 2011, 08:29 AM
  3. embc routers and that Vlan
    By russdev in forum East Midlands Broadband Consortium (EMBC)
    Replies: 6
    Last Post: 27th April 2010, 01:41 PM
  4. VLAN for guest internet access
    By plexer in forum How do you do....it?
    Replies: 3
    Last Post: 17th December 2007, 01:50 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •