October 5th, 2012, 02:40 PM
Networking Help/Advice Needed
My company is closing in on our transition to our new facility. We have our existing DS3 circuit plugged into our NetVanta 5305 router. At our new location, weíll have just 2 different segmented LANís one for contracts and one for Headquarters. Iím trying to figure out what will be more efficient and secure moving forward. My main goal is to completely segment the two LANís with access to both only from the admin level. If thatís not possible I can always run a second computer for network access to the other LAN if need be. Another important factor is that we will have a diverse dedicated backup line from another ISP but it will be handed over as an Ethernet cable not a BNC connector requiring a T3 wide module. I donít believe weíll have to worry about load balancing as the DS3 should be fine; our primary concern is having a dedicated backup line on a failover setup in the case Verizon goes down.
Have the NetVanta 5305 as the Gateway Router at the edge of the network. I would utilize only ETH 0/1 port and plug a SnapGear 560u router in behind the NetVanta. The SnapGear 560u has builtin firewall applications as well. Iíve configured this piece to have the primary and secondary Internet feeds. I can program the primary port to the NetVanta 5305 and then have the fail safe/secondary dedicated line in place on the secondary port which would feed directly to our other ISP. The SnapGear 560u has 5 Ethernet ports which Iíve converted 2 of them to dedicated Internet Ports (1 for the NetVanta (Verizon) and 1 for secondary ISP). The other 3 ports will act as LAN segmentations which will point directly to the Primary Line.
This scenario relies totally on the NetVanta 5305 as the gateway router and firewall solution with Dell managed switches behind it using VLANís. My question in this scenario is how I utilize my secondary dedicated line on the NetVanta 5305. Are there any tutorials on programming the NetVanta 5305 for Failover and secondary lines? Iím assuming that the line would have to be plugged into the ETH 0/2 line and then configured on the GUI. ETH 0/1 would point to the internal switches.
Any help or guidance is greatly appreciated!