Hi,
I need some advice,
I have a network that we are quickly outgrowing. We are currently using an iptables firewall running on a whitebox. I have purchased an Astaro ASG 220 to try and get this situation under control. It's been set up w/
172.16.1.x and subnet of 255.255.255.0
I want to place a few public-facing servers in a DMZ (email, web, FTP) and segment the rest into separate networks. Preferably in 5 different segments:
DMZ, VPN, Guest, IT, Users
I would like to block certain segments from accessing other parts of the network, i.e. guest for vendors to use so I don't have to risk putting them on our network.
I assume this is pretty common but I just want to make sure I head in the right direction. What is the best solution? Using VLANs to separate these networks and set up policies on the Astaro? What subnet would I use, and how would traffic flow between segments? Do I need to have a router for each separate segment? i.e.:
172.16.1.x
172.16.2.x
172.16.3.x
I've just never figured out how to get traffic to flow between the different networks.
Anyone mind lending me a few ideas so I can get headed in the right direction?
I greatly appreciate any help anyone can offer :)
Thanks.