We are in the process of replacing a Cisco ASA with a Fortigate 201E. Currently the ASA connects to a 1GB switch, with several servers connected, then connects to a Cisco 4500 switch for the clients.
Because there are only a few ports in use on the 1GB switch, we plan to use the first two ports on the Fortigate as an aggregate to the Cisco 4500, then connect the servers to the other 8 ports. We are considering configuring ports 3-10 as a Zone (for the servers), over a vswitch to provide the same functionality as the 1GB switch and eliminate the physical device. Then setting up policies to allow everything from the Zone interface for servers to the LAN interface. We can fine tune the policy after as we move forward.
Does this make the best sense, or are there better ideas?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1732 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.