I am going to deploy a network with multiple VLANs. I have been using Cisco firewalls, but this time the customer is short on money, so I had to install a Dell SonicWall firewall there. Now the thing is that I want to add multiple VLANs (2 or more) and want to grant them access to the internet. Please correct me if I am wrong:
1. I will have to create sub-interfaces for each VLAN on the switchport where I will connect the SonicWall, configure that port as a trunk, and configure virtual sub-interfaces on the firewall (X0) LAN interface?
2. NAT policy: I have multiple subnets and I want to create inbound/outbound NAT policies. What is the best practice?
For the routing you are much better off just creating a small transit VLAN between your core switch and the firewall. Then you only need that one inside interface on the firewall and it serves as the default gateway for the core switch. All non-local traffic from behind the core switch would then be routed outbound through there.
For NAT, you can just make a single dynamic NAT policy translating internal addresses to the firewall's public interface. Unless you have scaling or regulatory/legal concerns, that is the quickest and easiest setup.
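The transit-VLAN layout described in the answer above, sketched as a Catalyst IOS configuration. This is an added example, not part of the original post; the VLAN IDs, names, addresses and the uplink port are constructed placeholders.

```cisco
! Constructed values throughout: VLAN IDs, names, addresses and port are placeholders.
! Enable routing on the core switch so the SVIs act as gateways.
ip routing
!
vlan 10
 name USERS
vlan 20
 name SERVERS
vlan 999
 name FW-TRANSIT
!
! One SVI per internal VLAN: the default gateway for hosts in that VLAN.
interface Vlan10
 description Gateway for USERS
 ip address 10.10.10.1 255.255.255.0
 no shutdown
!
interface Vlan20
 description Gateway for SERVERS
 ip address 10.10.20.1 255.255.255.0
 no shutdown
!
! Transit VLAN: only the switch and the firewall LAN interface live here.
interface Vlan999
 description Transit to firewall X0 (assumed 10.255.255.1)
 ip address 10.255.255.2 255.255.255.252
 no shutdown
!
! Uplink to the firewall is a plain access port in the transit VLAN, not a trunk.
interface GigabitEthernet1/0/48
 description Uplink to firewall X0
 switchport mode access
 switchport access vlan 999
!
! All non-local traffic goes to the firewall.
ip route 0.0.0.0 0.0.0.0 10.255.255.1
```

With this layout the firewall needs static routes back to 10.10.10.0/24 and 10.10.20.0/24 via 10.255.255.2, and the source of the dynamic NAT policy has to cover those subnets, or return traffic and translation will fail. Traffic between VLAN 10 and VLAN 20 is routed on the switch and never reaches the firewall, so any filtering between internal VLANs has to be done with ACLs on the SVIs.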
Okay, so I should create multiple VLANs on the switch and create SVIs for routing, then configure a default gateway that will point towards the firewall's IP. One separate VLAN between the switch and firewall? So no need to configure the port as a trunk, right?
I will have to configure NAT on the firewall, as there is no option to configure NAT on the Cisco 3850.