one of our customers approached me toady with the following setup:
so far its only one layer2 domain.
customer wants to create a second domain for the wlan clients now.
i told him to create 2 vlans on each switch as well as on the firewall and configure trunking between the switches and switch1 and the firewall.
then create a svi for each vlan on the firewall(each svi would be the GW for the appropriate vlan).
the AP´s would be connected to switch2, now i told him to just connect them to ports in the right vlan. i know that you normally treat the AP´s a switches and connected them via trunk links and create the 2 vlans on them as well, but does it make a big difference?
so i would like to hear your opinion on my recommendation! would you do it the same way?
and another question would be if e.g. switch1 would be a layer3 switch, would it be better to create 3 vlans on switch1 and a trunk link between the 2 switches and let switch1 do all the routing between the 3 vlans?
my last question is, if i would create 2 vlans(vlan10 and vlan20) on a layer 3 switch and in one vlan(vlan10) is the firewall(GW for the company) would it work if i set the GW for the clients in vlan20 to the svi of vlan20 and create an default route on the switch, pointing to the firewall in vlan10?
could all clients from all vlans access the internet?
i appreciate evey help!