I posted something similar to this in the FIOS category, but I need to ask the same type of question for DSL.
I currently have a site the had a DSL connection using a westell 327w. It works terrifically. However, we want to make a change because of other issues. We want to bring in a Cisco PIX or ASA firewall to the location. So the set up will be this.
DSL ----> 327w Modem ----> PIX Firewall
I know that will work with setting the modem in bridge mode so that IP address of the Internet will be on the firewall.
Now what I want to do is this. I want to be able to use the other Ethernet ports on the 327w and the wireless so that they are behind the Cisco firewall. Physically it would look like a loop, but logically it wouldn't because of VLAN's.
I tested a few things on a 327w that I have because I shutdown DSL in favor of FIOS. I can set up the VLAN's on the WAN port and the other three Ethernet ports and am able to ping everything. However, I am unable to manage the 327w because the IP address isn't in the VLAN that I need it. Apparently the IP address of the switch stays in VLAN 1 and I don't see anyway of setting the IP address of the private or public to a specific VLAN. I may be missing something. I was using Verizon's interface on the 327w.
So can I bridge the DSL port to Ethernet port 1 on VLAN 2 and then keep the other ports in VLAN 1 so that I still have management capability behind the firewall?
If so, I would like to know the steps to make this happen or would it be easier to buy a single port DSL modem and have it pass through and then use the 327w as a switch/wireless access point.
Thanks for letting me know.
Perhaps this modem combo uses the red and black fimware that the Westell 6100 uses.
In that case, follow: http://www.dslreports.com/faq/13600
If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.
You should be able to solve this using a static routing table entry on the PIX machine for the managed devices on VLAN1.