D-Link Forums
The Graveyard - Products No Longer Supported => Hubs and Switches => DGS-1224T => Topic started by: ulasozcelik on August 20, 2009, 06:10:11 PM
-
First of all let me begin by saying that I'm a total noob when it comes to smart/managed switches. So forgive me if this is not even possible to accomplish.
Also, I know that this could easily be achieved by utilizing another switch by placing it between the cable modem and router, but I want to know if I can make do with just one switch. In the process, learn some of the more advanced techniques involved.
(internet)
||
\ /
(cable modem)(which serves 10 usable Public IP(s))
||
||
||
This CAT5e line with get connected to DGS-1224T's Port #1
||
\ /
(DGS-1224T)
From here, I would like to connect a line between Port #2 of the DGS-1224T and my router's WAN port to obtain the first public IP. So far so good.
Here where it gets interesting. I then want to connect a line between Port #12 of the DGS-1224T and my router's (switch part - LAN segment) Port #1.
So basically I want to use Port #1 ~ #11 for Public IP addresses coming from the cable modem and use Port #12 ~ #24 for Private IP addresses that are controlled by my router/firewall (which is connected to Port #2).
Is this possible? If so, will there be any drawbacks?
-
Possible, simple even.
Just set up 2 VLANs, as it sounds like your equipment isn't VLAN aware except for the switch just make sure that every port you want to be able to talk is untagged on the same VLANs.
-
The problem here is that if something goes wrong it could go really wrong.
-
The problem here is that if something goes wrong it could go really wrong.
Why ? I'm running a similar configuration with 4 VLANs on the 1224T for more than 6 months now.
Works perfectly.
-
Because if the VLAN setup is incorrect you could end up with a WAN->LAN leak which could be a problem in a lot of deployments.
Even if that's up fine if you call in to troubleshoot they will almost certainly reset the device as part of troubleshooting (unknowing of the level of issue they might be causing).
The dangerous part of these leaks is that they could go unnoticed until they lead to big security issues.
-
Thanks, now I understand what you are meaning.
So I won't call in for troubleshooting ;D
-
I like that plan!
-
Though strictly speaking the correct answer is that you should simply inform the tech person completely about your environment before troubleshooting and all will be well.