Configuring Cyberoam VLAN

Configuring Virtual LAN


VLAN Configuration in Cyberoam.

This article documents how to implement IEEE 802.1Q Virtual LAN (VLAN) technology
between a Cyberoam appliance and 802.1Q-compliant devices, such as Cisco switches and
routers.
Virtual Local Area Networks (VLANs) use tag-based LAN multiplexing technology to
simulate multiple LANs within a single physical LAN using IP header tagging. VLAN
ID/tags are 4-byte frame extensions that contain a VLAN identifier as well as other
information.
VLANs multiply the capabilities of the Cyberoam appliance. VLAN tags added to network
frames increase the number of network interfaces (ports) beyond the available physical
ports on the Cyberoam appliance.
Advantages
Increased Port density
Logical segmentation of Network irrespective of physical placement
Granular security on heterogeneous LANs
Improved Network throughput as VLAN confines broadcast domain
Using VLANs, a single Cyberoam appliance can provide security services and control
connections between multiple domains. Traffic from each domain is given a different VLAN
ID. Cyberoam can recognize VLAN IDs and apply security policies to secure the network
between domains. Cyberoam can also apply authentication, various policies, and firewall
rule features to the network.

Cyberoam Configuration
Follow the steps below from the Web Admin console to configure a VLAN:
Step 1: Define virtual subinterface
Go to System>Configure Network>Manage Interface and click the Add VLAN Subinterface
button to open the create page.

Physical Interface: Select the interface for which the virtual subinterface is to be defined.
The virtual subinterface will be a member of the selected physical interface/port. The dropdown
menu lists only the LAN and DMZ interfaces.
VLAN ID: Specify the VLAN ID. The interface VLAN ID can be any number between 2 and
4094. The VLAN ID of each virtual subinterface must match the VLAN ID of the packet. If
the IDs do not match, the virtual subinterface will not receive the VLAN-tagged traffic.
Virtual subinterfaces added to the same physical interface cannot have the same VLAN ID.
However, you can add virtual subinterfaces with the same VLAN ID to different physical
interfaces.
IP address: Specify the IP address and netmask for the virtual subinterface. Only a static IP
address can be assigned, and the Subnet ID should be unique across all the physical/virtual
subinterfaces.
Zone: Select the virtual subinterface zone. The virtual subinterface will be a member of the
selected zone. A virtual subinterface remains unused until it is included in a zone.
A virtual subinterface can be a member of the LAN, DMZ or a custom zone.
Note:
1. Zone membership can be defined at the time of defining virtual subinterface or later
whenever required.
2. Virtual subinterface can be the member of custom zone.
3. Virtual subinterface cannot be the member of WAN zone.
On successful creation, Interface details (System>Configuration Network>Manage
Interface page) will display newly defined virtual subinterface under the selected physical
interface.
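
The Step 1 constraints can be checked against a planned set of subinterfaces before they are entered in the Web Admin console. The following is an added example, not part of the original article or of Cyberoam's software: the `Sub` record, the `validate_plan` function, the port names and the addresses are all hypothetical, and it assumes that any overlap between subnets counts as a non-unique Subnet ID.

```python
import ipaddress
from collections import namedtuple

# Hypothetical record for one planned subinterface (not a Cyberoam data format).
Sub = namedtuple("Sub", "port vlan_id cidr zone")

def validate_plan(subs, physical):
    """Return a list of rule violations; `physical` maps port -> (zone, cidr)."""
    errors, seen = [], set()
    # Subnets of the physical interfaces count toward subnet uniqueness.
    nets = [(p, ipaddress.ip_interface(c).network) for p, (_, c) in physical.items()]
    for s in subs:
        name = f"{s.port}.{s.vlan_id}"
        # The parent must be an existing LAN or DMZ interface.
        if physical.get(s.port, (None, None))[0] not in ("LAN", "DMZ"):
            errors.append(f"{name}: parent must be a LAN or DMZ interface")
        if not 2 <= s.vlan_id <= 4094:
            errors.append(f"{name}: VLAN ID must be between 2 and 4094")
        # Same ID twice on one port is rejected; on different ports it is allowed.
        if (s.port, s.vlan_id) in seen:
            errors.append(f"{name}: VLAN ID already used on {s.port}")
        seen.add((s.port, s.vlan_id))
        if s.zone == "WAN":
            errors.append(f"{name}: subinterface cannot join the WAN zone")
        # Assumption: any overlap is treated as a non-unique subnet.
        net = ipaddress.ip_interface(s.cidr).network
        errors += [f"{name}: subnet {net} overlaps {o} ({n})"
                   for o, n in nets if net.overlaps(n)]
        nets.append((name, net))
    return errors

# Constructed sample data: port names and addresses are illustrative only.
PHYSICAL = {
    "PortA": ("LAN", "192.168.1.1/24"),
    "PortB": ("WAN", "203.0.113.2/30"),
    "PortC": ("DMZ", "10.10.10.1/24"),
}
PLAN = [
    Sub("PortA", 10, "172.16.10.1/24", "LAN"),    # valid
    Sub("PortC", 10, "172.16.20.1/24", "DMZ"),    # valid: same ID, different port
    Sub("PortA", 10, "172.16.30.1/24", "LAN"),    # duplicate ID on PortA
    Sub("PortA", 1, "172.16.40.1/24", "LAN"),     # ID outside 2-4094
    Sub("PortB", 20, "172.16.50.1/24", "LAN"),    # parent is a WAN port
    Sub("PortA", 30, "192.168.1.129/25", "WAN"),  # WAN zone, subnet inside PortA's
]

if __name__ == "__main__":
    for problem in validate_plan(PLAN, PHYSICAL):
        print(problem)
```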

Step 2: Restart Management services from CLI console


Log on to the CLI console through SSH or Telnet and select option R, Restart Management
Services.

Once the virtual interface is defined and included in a zone, it can be treated exactly
the same as a physical interface. Firewall rules that govern the traffic
between VLANs and other interfaces, IDP policies, and virus and spam scanning can be
customized the same way as for a physical interface.
If a virtual subinterface is defined for a custom zone, two default firewall rules are
automatically created for that zone. For example, if a virtual subinterface is defined
for the LAN zone, two default firewall rules from the virtual subinterface to the WAN zone are
automatically created, based on the default LAN to WAN zone firewall rules.
From version 9.5.4 build 66 onwards, VLAN (Virtual LAN) tags will be preserved even
when antivirus scanning, spam filtering and web filtering using Internet Access Policy (IAP)
are applied to VLAN tagged traffic in Bridge mode.

Document version 1.0-19/08/2008
