Hello all -
I am looking for some advice on how to set up some things on our new network.
We have a new UTM220 running the updated software (which shouldn't really matter, this is more of a network architecture issue).
We have several VLANs running on our core switch (HP Procurve 5412zl). Some of these VLANs need access to the outside world, or host services the outside world will need to access. There is also a lot of traffic flowing between subnets - so to avoid loading the UTM and decrease the point of failures, the 5412zl is handling routing between most of the VLANs. The only exception is the public access VLAN, which is configured to have the UTM as the default gateway in order to help secure access to other VLANs (although I am setting up ACLs on the switch just in case someone is determined).
My question is this - I basically see 2 ways of configuring the network. Add the UTM to each of the VLANs using tagging, or add the network definition of the VLAN subnet to the UTM and create a static route to hand-off traffic to the switch to route it to the final destination. Can anyone tell me any pros/cons of each approach? Is there a "right way" or a "wrong way" here, or just a matter of preference?
Thanks!
Adam
This thread was automatically locked due to age.
