Setting up a VLAN across switches and firewall

jimruns919

I have 2 managed L2 switches and a firewall. The firewall has 4 ports which can be set up as different LANs. I need to separate 3 connections from my network, and here is how it is set up.

Switch 1 - Port 5 is the direct connection for all 3 connections.

Switch 2 - Port 19 is the incoming for Switch 1. Port 21 is the firewall connection.

I want these connections to be separate and not see my network at all, just have access to the port on my firewall so they can get online when needed.

So Switch 1 port 5 does not need to be in multiple VLANs, only 1. Port 19 on Switch 2 does need to be in multiple VLANs, as it is carrying traffic from both port 5 as well as 2 other ports with connected computers, which all need to be in VLAN 1, not VLAN 20.

All help is VERY welcomed.
 
Solution
I don't really get how many VLANs you need nor what devices need to be on X VLAN.

What I can tell is that you need to set SW2 Port 19 to trunk mode on both switches. If your firewall can handle virtual sub-interfaces on the same interface, then you have to configure the different sub-interfaces on that interface (i.e. f0/0.1 IP x.x.x.x for VLAN1, and f0/0.20 y.y.y.y for VLAN20).

All other links on the switches that handle only one VLAN have to stay in access mode, assigned to their corresponding VLAN.

I could help you more if you would upload an image of your topology, because it wasn't that clear (at least for me).
 

jimruns919



Thank you for answering and I am working on the image. I will try to clear it up a little more.
This is a resort, and the last IT person added the Business Center, which is just 2 computers and 1 extra hookup for a guest's personal laptop, to the company-wide network. I need to separate it from the network. So how it works is: the 3 connections in the BC connect to an unmanaged switch, which then connects to a managed switch on port 5. Then port 4 is the uplink to a 2nd managed switch in my computer room on port 19, and then port 21 is the connection to the LAN2 port on my firewall. Currently the LAN1 port on the firewall is connected for all employees on my network with the scheme of 10.1.x.x, and LAN port 2 is set to 18.3.x.x.

I think I need to set port 5 to ACCESS on VLAN 20 and then set port 4 as TRUNK on Switch 1.
On Switch 2, I believe I need to set port 19 as TRUNK and then port 21 as ACCESS on VLAN 20, as I only want the BC computers connecting to that port. But do I need to then create VLAN 1 and VLAN 20 on the firewall as well?
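
The port plan from this post, checked with a small Layer 2 flooding model. This is an added example, not part of the thread and not any vendor's configuration syntax; the ports marked hypothetical, the allowed-VLAN sets on the trunks, and the all-VLAN-1 starting state are assumptions.

```python
from collections import deque

# Constructed model of the layout in the thread. Ports marked "hypothetical"
# are not numbered in the thread and are placeholders.
PROPOSED = {
    ("sw1", 5): ("access", 20),       # Business Center (via unmanaged switch)
    ("sw1", 4): ("trunk", {1, 20}),   # uplink to switch 2
    ("sw1", 1): ("access", 1),        # hypothetical employee PC
    ("sw2", 19): ("trunk", {1, 20}),  # link from switch 1
    ("sw2", 21): ("access", 20),      # firewall LAN2
    ("sw2", 22): ("access", 1),       # hypothetical: firewall LAN1
}
LINKS = {("sw1", 4): ("sw2", 19), ("sw2", 19): ("sw1", 4)}
# Assumed starting state: every access port still in default VLAN 1.
FLAT = {p: (m, 1 if m == "access" else v) for p, (m, v) in PROPOSED.items()}
# Failure mode: port 19 left as an access port instead of a trunk.
NO_TRUNK = {**PROPOSED, ("sw2", 19): ("access", 1)}


def carries(ports, port, vlan):
    """True if the port is in the VLAN (access) or allows it (trunk)."""
    mode, member = ports[port]
    return member == vlan if mode == "access" else vlan in member


def flood(ports, src):
    """Edge ports a broadcast entering access port src reaches (loop-free topology)."""
    mode, vlan = ports[src]
    if mode != "access":
        raise ValueError("src must be an access port")
    reached, visited, queue = set(), set(), deque([src])
    while queue:
        ingress = queue.popleft()
        if ingress[0] in visited:
            continue
        visited.add(ingress[0])
        for port in ports:
            if port[0] != ingress[0] or port == ingress or not carries(ports, port, vlan):
                continue
            if ports[port][0] == "access":
                reached.add(port)          # frame leaves untagged
            elif port in LINKS and carries(ports, LINKS[port], vlan):
                queue.append(LINKS[port])  # tagged hop across the trunk
    return reached
```

Because port 21 is an access port, frames reach the firewall's LAN2 port untagged. The model covers Layer 2 only; whether 18.3.x.x can reach 10.1.x.x through the firewall is decided by the firewall's own rules.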
 

sg4rb0



Jesus Christ, just upload a network diagram.
 