Hi to all,
I have this configuration running on my network.
L3 SWITCH —> ESX SERVER (vswitch LAN and vswitch WAN) —> ISP
– In vswitch LAN (access to LAN) I have UNTANGLE FW bridged to LAN and few more local machines.
– In vswitch WAN (access to Internet) only UNTANGLE FW is added.
Whole traffic from LAN must pass external interface, so this traffic is passing through UNTANGLE FW and there is checked and filtered.
This configuration is working like a charm.
Now I would like to add one more machine to WAN vswitch. That will be DEBIAN with MasterShaper (QoS) installed. What I would like to do is to move all LAN traffic first to UNTANGLE FW (packet inspection and filtering) and then to MASTERSHAPER (for shaping/policing). Once all check are done, traffic can go to Internet.
Traffic incoming into network must pass first through MASTERSHAPER machine, then UNTANGLE FW machine and then to L3 switch.
I do not have another NIC to create one more vswitch.
Does anyone have similar situation or configuration, or at least can help me brainstorm question?
You must be logged in to reply to this topic.
Create a free account today to participate in forum conversations, comment on posts and more.