Looking for a "best practices" example using an EXOS switch acting as both a private network switch and an internet router. We have several deployed in this fashion, mostly where the ISP does not provide a router for the client's routed subnet. Instead, they give us a /30 which routes via the Extreme to the outside of our firewall.
Do you create a second virtual router or simply add the two outside VLANs to the default? We implement a policy which checks a list of subnets before allowing SSH to the management IP, but what else? Should we be doing more? Anyone have an example?
Thanks in advance!