VLAN Setup with Cisco L3 switches

Comments

6 comments

  • Husain Basir
  • Firewalla

    1. Are you going to have two different networks? One for the Gold and one routed to the internal network?

    2. All Firewalla ports are trunk ports, so you can pass VLANs on top of them.

  • Husain Basir

    1. I would like to have the Gold as the edge device with the public IP. No, I would like to have the Gold be part of VLAN 10.

    2. In that case I can trunk the port and still use the native VLAN to have my default gateway be the Gold IP.

  • Husain Basir
  • Husain Basir
  • Husain Basir

    From here, trunk your LAN network to the Firewalla port. ALL the Firewalla networks are not a LAN type; they are a VLAN type (tag your VLAN #s).

    Ensure that your switch can ping Google. You still need to have a default route out. In this case I have used my VLAN 10. I used the IP address of 10.15.10.254 (the Firewalla IP on that network VLAN).

    Next, ensure that your DHCP server (Windows or Linux) will give out the IP address you gave each of your VLANs on the Firewalla, NOT YOUR L3 SWITCH.

    This is the big difference: in the Cisco world, once you enable ip routing, the switch will push traffic out your 0.0.0.0 0.0.0.0 next hop. All your VLANs will be able to communicate and get DNS/www traffic. Your DHCP pools will also have your switch VLAN IP as the default gateway.

    I suspect it is because the Firewalla is identifying that network traffic and will drop the packet.

    Hope this helps anyone that is doing what I am doing. Thanks for reading.


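The gateway rule from the last comment (clients get the Firewalla's per-VLAN address as default gateway, not the L3 switch's VLAN address), as an added Python check that is not part of the original thread. It assumes the DHCP pools are defined on the switch itself and reads a Cisco-style configuration; the sample config is constructed, and only VLAN 10 and 10.15.10.254 come from the thread.

```python
import re

# Constructed sample config. VLAN 10 and 10.15.10.254 come from the thread;
# VLAN 20, the SVI addresses and the pool names are made up for illustration.
SAMPLE_CONFIG = """\
ip routing
interface Vlan10
 ip address 10.15.10.1 255.255.255.0
interface Vlan20
 ip address 10.15.20.1 255.255.255.0
ip dhcp pool VLAN10
 network 10.15.10.0 255.255.255.0
 default-router 10.15.10.254
ip dhcp pool VLAN20
 network 10.15.20.0 255.255.255.0
 default-router 10.15.20.1
ip route 0.0.0.0 0.0.0.0 10.15.10.254
"""

def audit(config):
    """Return (svi_addresses, default_next_hop, pools_pointing_at_switch)."""
    svis, pools, next_hop, section = {}, {}, None, []
    for line in config.splitlines():
        if not line.startswith(" "):      # an unindented line opens a new section
            section = line.split()
            m = re.match(r"ip route 0\.0\.0\.0 0\.0\.0\.0 (\S+)", line)
            if m:
                next_hop = m.group(1)     # the switch's default route out
            continue
        words = line.split()
        if section[:1] == ["interface"] and words[:2] == ["ip", "address"]:
            if len(section) > 1 and len(words) > 2:
                svis[section[1]] = words[2]
        elif section[:3] == ["ip", "dhcp", "pool"] and words[:1] == ["default-router"]:
            if len(section) > 3 and len(words) > 1:
                pools[section[3]] = words[1]
    switch_ips = set(svis.values())
    # Pools that hand out one of the switch's own addresses as the gateway
    bad = {name: gw for name, gw in pools.items() if gw in switch_ips}
    return svis, next_hop, bad

if __name__ == "__main__":
    svis, next_hop, bad = audit(SAMPLE_CONFIG)
    print("default route next hop:", next_hop)
    for name, gw in bad.items():
        print(f"pool {name}: default-router {gw} is a switch VLAN address")
```
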