Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 2876 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Changing to 802.1q trunks

jskain
I currently have four physical ports on our ASG-320 (running V 8.3) that are connected to four ports on a Cisco switch configured for multiple VLAN's. Each of the ASG ports is for one of  four internal VLANS. 

I want to change the four physical connections to one 802.11q trunk between the ASG and the Cisco switch, keeping the same DG's, IP.s etc for each VLAN.

Is there a simple way to do that without destroying rules, etc. If I delete the port for VLAN #2 and then configure it on the 802.1q trunk for VLAN #2, will everything pick up, or will things have to be rebuilt?

Thanks,


This thread was automatically locked due to age.
  • 0
    You'll have to redo your rules.  The good news is that there is the handy "clone" option in most rulesets so recreating them shouldn't take too long.  You'd just create your new trunks with "fake" VLAN IDs, clone the rules from the existing ones... then delete the old interfaces, and change the VLAN IDs on the new trunks to "real" ones.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0
    Bruce, maybe I've misunderstood what he wants to do...

    You'd definitely want to start with a config backup. [[;)]]

    Don't delete anything.  You should be able to change one of the interface definitions to VLAN, and then change the other interface definitions to different VLAN IDs on the same eth#.  You shouldn't lose any rules or definitions.

    You probably have some things to do on the switch. [[;)]]

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    I did what you said - just changed the interface definition to VLAN, selected the interface and put in the VLAN ID & it kicked right in. 
    Thanks
Cookie Information Banner