Dears;I have Catalyst 3560 in the core layer and 12 access switches (2960), all the configuration in the switches are default, i meant VLAN1 for all switches, the ASA firewall from the same subnet of the users 192.168.1.0 (VLAN1). The ASA IP address 192.168.1.200 which is the default gateway for all users.
a new department is opened and i will assign VLAN 2 for them with 192.168.2.0 range. i dont want VLAN 2 to see VLAN1 (users) but i want to see the firewall (192.168.1.200) and some servers on vlan 1 (192.168.1.100-110).
i will do trunk interfaces between the core and the access and what i can do to see the firewall and deny the access to the users and some servers.