Yes, simply make sub-interfaces and relevant vlan tagging, then connect that port with your switch over trunk using dot1q.
regards, Muhammad Fahad Khan JNCIP - M/T # 834 IT Specialist Global Technology Services, IBM fa...@pk.ibm.com +92-321-2370510 +92-301-8247638 Skype: fahad-ibm http://www.linkedin.com/in/muhammadfahadkhan http://fahad-internetworker.blogspot.com http://www.visualcv.com/g46ptnd On Sun, Mar 7, 2010 at 11:24 PM, Sidney Boumendil < sidney.boumen...@gmail.com> wrote: > On Sun, Mar 7, 2010 at 7:02 PM, networking alcatel <netprod...@gmail.com> > wrote: > > Hi > > > > I have got a ISG 1000 firewall which has the default 4 interfaces, i need > to > > configure 4 zones on a single interface and 1 zone which is the untrusted > > zone on another interface , the other 2 interfaces will be used for HA > and > > heartbeat as there are 2 ISG 1000 my point is > > > > - can i have 4 different zones on a single interface these are all > > trusted (inside) and require to communicate with one another and also > with > > the outside interface > > - can the DMZ zone and the trusted zone be binded with the same > interface > > (sub-interfaces are proposed using vlan tagging) > > > > will this type of solution work. > > Yes it works, juste use vlan tagged sub-interfaces. You can bind > sub-interfaces to any zone you want. > > Be sure to check your licence supports the number of zone you want to > create. > > _______________________________________________ > juniper-nsp mailing list juniper-nsp@puck.nether.net > https://puck.nether.net/mailman/listinfo/juniper-nsp > _______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp