Since we will need 20 ports to each PA-5220 and 20 ports out to the WAN fiber, my plan was to use 4 , CRS518-16XS-2XQ switches in order to have 60 interfaces.
Here is a mock up of what I think needs to happen. This is only for 2 out of the 20 locations but hopefully illustrates where I am in the process. Setup 5 bridges per switch, 3 interfaces in each bridge with port isolation configured. I would replicate this over the 4 switches which should get me to 60 interfaces and 20 bridge groups .
Code: Select all
/interface bridge
add comment="To Building #1 and Int 5 on Palos "name=bridge-building1
/interface bridge port
add comment="To Building #1" bridge=bridge-building1 interface=ether1
add comment="To PA-5220_1 int 5" bridge=bridge-building1 interface=ether2
add comment="To PA-5220_2 int 5" bridge=bridge-building1 interface=ether3
/interface bridge filter
/interface bridge
add "To Building #2 and Int 6 on Palos " name=bridge-building2
/interface bridge port
add comment="To Building #2"bridge=bridge-building2 interface=ether4
add comment="To PA-5220_1 int 6" bridge=bridge-building2 interface=ether5
add comment="To PA-5220_2 int 6" bridge=bbridge-building2 interface=ether6
/interface bridge filter
/interface ethernet switch port-isolation
set ether1 forwarding-override=ether2,ether3
set ether2 forwarding-override=ether1,ether3
set ether3 forwarding-override=ether1,ether2,
set ether4 forwarding-override=ether5,ether6
set ether5 forwarding-override=ether4,ether6
set ether6 forwarding-override=ether4,ether5