FWG + L3 router doing inter-VLAN routing

Follow

Imran Toorawa

• October 02, 2022 22:01

Hello,

I've been using Firewall Gold for a while on a flat network. Now, looking for segment it with a layer 3 switch (router). 

Need some help with the setup below:

FWG <--> L3 router <--> client devices

The L3 router has multiple VLANs defined and ideally, would be doing inter-VLAN routing. 

How should the router and FWG be setup so that the FWG acts as DHCP and DNS server for each VLAN but the L3 router does inter-VLAN routing and ACLs? Is this scenario possible? Or does the L3 router have to be in L2 switch mode in order to accomplish this?

 

Thanks!

0

• 

  Firewalla

  • October 03, 2022 03:01

  Any reason you are thinking this way? Having nesting routers means, the routers are managing different segments of the network ...DHCP can go across routers (unless there is a relay ... but this is for a completely different purpose).

  0

  Comment actions Permalink
• 

  Imran Toorawa

  • October 03, 2022 20:06

  I wanted to offload some load from the FWG and have the switch take care of inter-VLAN routing. At the same time, still use the FWG's security features to control and monitor traffic. 

  Looks like in this case though, that the switch will have to function has a managed switch only (not a router), and the FWG will perform inter-VLAN routing.

  0

  Comment actions Permalink
• 

  Firewalla

  • October 04, 2022 00:08

  A managed switch usually can't do layer 3 routing, so the only way is probably use firewalla in route rmode and have the switch connecting to the LAN ports

  0

  Comment actions Permalink
• 

  Imran Toorawa

  • October 04, 2022 18:26

  Well the device is capable of layer 3 routing but that can be disabled so it works as a layer 2 switch only. 

  So back to the original query - simplest solution is to put the router into switch mode and use FWG to do all the inter-VLAN routing + DHCP, DNS + security

  0

  Comment actions Permalink

Please sign in to leave a comment.