Switch Design issue-Help required

Hi,

I require help in designing my network. We have a L3 switch whose default gateway is my firewall. We have a lot of VLANs on my switch, and now we have decided to move some VLANs onto the firewall.

We have decided to move 3 VLANs onto the firewall. On the firewall side we are using the sub-interface concept and keeping all 3 VLANs on the same physical port.

Now we will shut down the L3 functionality of the VLANs and give the default gateway of one VLAN on the firewall interface. But my question is whether the traffic of the other 2 VLANs will pass to the firewall even after configuring trunking on one of the VLAN ports. Please let me know, as I am waiting for this and I have to implement tomorrow.

Thanks in advance.

Krishna.

1 REPLY
Hall of Fame Super Blue

Re: Switch Design issue-Help required

sairamteju wrote:

Hi,

I require help in designing my network. We have a L3 switch whose default gateway is my firewall. We have a lot of VLANs on my switch, and now we have decided to move some VLANs onto the firewall.

We have decided to move 3 VLANs onto the firewall. On the firewall side we are using the sub-interface concept and keeping all 3 VLANs on the same physical port.

Now we will shut down the L3 functionality of the VLANs and give the default gateway of one VLAN on the firewall interface. But my question is whether the traffic of the other 2 VLANs will pass to the firewall even after configuring trunking on one of the VLAN ports. Please let me know, as I am waiting for this and I have to implement tomorrow.

Thanks in advance.

Krishna.

Krishna

It's not entirely clear what you are asking.

If you move the 3 vlans to the firewall using subinterfaces then each subinterface on the firewall will have its own IP address.

So the switch would have a trunk port to the firewall. On the firewall you would have 3 subinterfaces and each subinterface has an address from its vlan. The address that you assign to the subinterface is then the default-gateway for the clients in that vlan.

Jon
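The layout described in the reply above, as an added configuration sketch that is not part of the original thread. It assumes a Cisco IOS L3 switch and a Cisco ASA firewall (the thread does not name the firewall platform); the VLAN IDs 10/20/30, interface names, security levels and 192.168.x.1 addresses are constructed placeholders.

```cisco
! ---------- L3 switch (IOS), assumed platform ----------
! Shut down the SVIs of the moved VLANs so the switch stops routing them.
! If an SVI stays up, inter-VLAN traffic is routed on the switch and
! never reaches the firewall policy.
interface Vlan10
 shutdown
interface Vlan20
 shutdown
interface Vlan30
 shutdown
!
! One 802.1Q trunk to the firewall carries all three VLANs.
! Limit the allowed list to the moved VLANs only.
interface GigabitEthernet1/0/24
 description Trunk to firewall (constructed port name)
 ! encapsulation line is only needed on switches that also support ISL
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20,30
 switchport nonegotiate
!
! ---------- Firewall (ASA), assumed platform ----------
! Physical port carries tagged frames only: no name, no address.
interface GigabitEthernet0/1
 no nameif
 no security-level
 no ip address
 no shutdown
!
! One subinterface per VLAN; each address is that VLAN's default gateway.
interface GigabitEthernet0/1.10
 vlan 10
 nameif vlan10
 security-level 50
 ip address 192.168.10.1 255.255.255.0
interface GigabitEthernet0/1.20
 vlan 20
 nameif vlan20
 security-level 50
 ip address 192.168.20.1 255.255.255.0
interface GigabitEthernet0/1.30
 vlan 30
 nameif vlan30
 security-level 50
 ip address 192.168.30.1 255.255.255.0
```

Clients in each VLAN then use the matching subinterface address as their default gateway. On an ASA, subinterfaces with equal security levels do not pass traffic to each other by default, so inter-VLAN flows need distinct levels or explicit policy.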
