|I'm researching how to setup a secure webserver. This is just something I've never done with secure data so want to make sure it is correct.|
My goal is to setup a vlan_2 (172.16.1.1)on an HP ProCurve 2510G-24 with a single server running my website (webserver (172.16.1.2)). The HP also contains all other servers (dhcp, dns, ftp, backup) on the default vlan_1 (192.168.0.12). This switch is connected directly to a Cisco Catalyst 2960G-48 (192.168.0.10) running default setup. This connects to the PIX 506e. I've got the pix setup ready with an acl and static route to my desired 172.16.1.2 ip for the server. I just can't seem to get the switches to work for me.
I would like to be able to access the webserver from any internal server or workstation also. I just want better protection from outside by putting the webserver in a vlan on a different subnet.
Am I way off base with my goal?
This will be a webserver for a secure application I've been building. I've never setup the network side.
I would rather not bypass the HP switch because I would like to eventually add more servers to the same vlan.
Thanks for the help.