Junos
Highlighted
Junos

Layer 2 VLAN for ISP redundancy on a shared stack

‎08-10-2019 08:48 AM

1 qfx5100 stack
Redundant connections from my ISP, 2 physical firewalls. Each firewall needs access to both of the ISP connections.
4 access only ports, 2 on each stack member in a layer 2 VLAN, no trunk ports.
The rest of the VLANs on this stack are internal, data and phones.
Is this enough security? Is there a better way to ensure the traffic is segregated?
I'm not opposed to getting a dedicated switch for this, but would rather not. New to Junos so any help is appreciated.