Our branch office has everyone on the same LAN segment at the moment 192.68.3.x/24 - this includes phones, printers, and staff. I've been asked to create some VLANs to separate the VOIP phones as well as tech and business staff members.
We have an SRX210 with Junos 11.4R10.3. There is the default vlan-trust, and I was thinking of adding two more - vlan-VOIP and vlan-IT. I intend to leave all the printers and the business-oriented employees in vlan-trust.
Then I started thinking about assigning interfaces to the vlans and ran into an issue. All the devices are plugged into a couple of unmanaged Dell switches. One switch uplinks to the other and then to the ge-0/0/1 interface on the SRX. ge-0/0/0 is on the untrusted network. The network devices (phones, access points, printers, laptops) are randomly plugged into the Dell switches, and there a some small linksys 5-port switches scattered around the office as well.
I am going to convert the Dell switches to managed mode. I've created the VLANs. There's a dhcp server on the default vlan. What kind of suggestions do you have to segregate my traffic (another goal is to set up CoS for VOIP traffic) using the Dell switches, SRX interfaces or whatever else you can think of?
MJ