Thanks for the responses that SUN doesn't support 802.1Q on it's newer
hardware. That saves some time, but doesn't make my job much easier.
The point of having the FW support VLANs is to increase security. We
have/will have several hundred clients each client will have it's own
segment, and everyone needs to be secured from each other. It would
be much easier get a 5500 or a 6500 series switch and configure VLANs
on that switch and have the FW do all the routing between VLANs in a
secure fashion. Without that we will have to purchase the RSM module
for the switch and do the routing on the switch itself outside of
the firewall's control.
Even a 450 loaded with cards (only 10 slots) even with Quads will
only handle 41 VLANS. We are talking about hooking up to nearly
200. A $70-80000 switch is MUCH less expensive than a SUN 6500 or
E10000, and a LOT easier to maintain when you are in a High availability
environment.
Steve
-----Original Message-----
From: Aaron Turner [mailto:[EMAIL PROTECTED]]
Sent: Thursday, July 13, 2000 12:03
To: Dominik Weis
Cc: stcost - Steve Costaras; [EMAIL PROTECTED]
Subject: RE: [FW1] FW1 / Solaris w/ 802.1Q (VLAN) Support?
What you're asking makes no sense. Why does Solaris need to know about
VLAN's? Just plug an interface of the firewall into each VLAN you want
the firewall to route/firewall between. If you want a lot of gigabit
interfaces, you'll prolly need something like a Sun E450, but that's not
unheard of. People do this sort of thing all the time.
--
Aaron Turner [EMAIL PROTECTED] 650.237.0300 x252
Security Engineer Vicinity Corp.
Cell: 408-314-9874 http://www.vicinity.com
On Thu, 13 Jul 2000, Dominik Weis wrote:
>
> Hello Steve,
>
> We tried to find a NIC(Driver) that is able to support this but we didn't
> have any luck. Additional we asked SUN and they told us that it is not
> supported.
>
> Dominik
>
> > We have a situation where we need to protect several segments/VLANs
(100+)
> > that we will be putting off a Cisco 6500 series switch. Each VLAN needs
> > to be protected from the others. I _WANT_ to plug a solaris box into
the
> > 6500 w/ gigabit and have it act as a router however I can find NO answer
> > anywhere if this is possible. Do Checkpoint/Solaris understand VLANS?
> >
> > Can it act in this way?
> >
> >
> > Steve
> >
> >
> > ==================================================================
> > ==============
> > To unsubscribe from this mailing list, please see the instructions
at
> > http://www.checkpoint.com/services/mailing.html
> > ==================================================================
> > ==============
> >
>
>
>
>
============================================================================
====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
