Unsolved
This post is more than 5 years old
38 Posts
0
84869
Dell Powerconnect Switches and Sonic Fierwall DMZ Config
Hello Everyone;
I have 2 X Dell powerConnect 6224 Switches and 2 X Dell 2400 SonicWall 2400. I have configured all my VLANs to run on the L3 switches and left the sonicwall to manage Internet access and filtering.
I would like to know what is the best practices when it comes to setup DMZ? I was unable to find any good documents that talks about L3 switches with Sonicwall.
The question is: Should I Setup DMZ on the switch (using ACL) to control it or set it up on the Firewall?
Thank you;
Adam
akamali
38 Posts
0
November 13th, 2012 05:00
Thank you; Daniel for your help.
My setup is a bit complex as it's involve configuring Hypervisor (XenServer, L3 Switches and Sonicwall firewall).
I did setup all of my VLANs on the L3 switch and enabled routing and connected it to Sonicwall via uplink (trunk) and created another (trunk) port for my xenserver connection . Everything is now working fine.
As for the DMZ, I know it should be done on the Firewall. But when I contacted Sonicwall support they did not know how to route between DMZ and my other VLANs that are on the switch. Then they said your DMZ should be done on the switch level since other VLANs are managed by it. which I did not like, therefore I came to support forums to double check.
Then yesterday I found this post, talks about setting up DMZ on Firewall in virtualized environments while using L3 Switches!
networkrob.blogspot.ca/.../creating-dmz-on-asa-for-virtual.html
Based on this post, just like what I did earlier:
1. On L3 Switches - Setup VLAN ID (Do not assign IP Address) - instead just assign it to a trunk port that is connected to Sonicwall firewall.
2. On Sonicwall Setup your DMZ - It can be added as sub-interfaces so you don't have to use a physical port (Very important now days!)
3. Configure necessary routes / Firewall rules on the Sonicwall - I think at this point I would have to speak to level 2 or 3 support to help me sort this problem.