Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 2 subscribers
  • Views 1959 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VLAN Ethernet: When to use?

IngoPohlschneider
Hello
I support a ASG 425 that is currently configured with several VLANs on the lag0 interface.

I wonder if this is required...

1) There is a coreswitch that does the routing between this VLANs anyway (so ASG is not involved in any filtering between VLANs...I guess that would be a usecase for using VLAN-interfaces in the ASG?)

2) The core switch has a default route set to one of those IPs of the ASG

Wouldn't it be smarter / less cluttered to configure just one standard Ethernet Interface with that IP address and kick out all the other VLAN-Interfaces?

Best regards and sorry for the pretty basic question


This thread was automatically locked due to age.
Parents
  • 0
    try a traceroute from the different subnets to the ASG, then you may be able to figure out how the packets are routed.
    Personally I would let the ASG handle the VLAN-routing. I believe it does a better job in routing than most L3-switches do and you also get the capabilities of the ASG (real firewall in stead of ACL's usually available in switches).

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Reply
  • 0
    try a traceroute from the different subnets to the ASG, then you may be able to figure out how the packets are routed.
    Personally I would let the ASG handle the VLAN-routing. I believe it does a better job in routing than most L3-switches do and you also get the capabilities of the ASG (real firewall in stead of ACL's usually available in switches).

    Managing several Sophos UTMs and Sophos XGs both at work and at some home locations, dedicated to continuously improve IT-security and feeling well helping others with their IT-security challenges.

    Sometimes I post some useful tips on my blog, see blog.pijnappels.eu/category/sophos/ for Sophos related posts.

Children
No Data
Cookie Information Banner