3560G config issues

mohammedrashid459 · ‎08-02-2016

Dear Experts,

I have a internet connection and it has a pulic static IP with 125.XX.XX.XX and have got some users like 20 users in my internal LAN . I have placed 5 laptop users in VLAN10 , 5 PC users in VLAN20, 5 servers in VLAN30 and wireless router in VLAN40 so that all mobile, tab and laptop users can connect to the wireless router. And also I want to keep all the VLANs in totally different subnet.

All VLANs traffic should go to internet and comeback as usual and also all the VLANs should communicate with each other without any restrictions at the moment., later on we can restrict them by using access list and mainly with cisco firewall5506.
I have got couple of OPEN VPN servers in my inside LAN which is in VLAN30 and this servers should be accessible from the outside world. In my diagram I have got 2 mobile users on the top corner right hand side and they want to access the internal LAN of my network from outside world (may be some web or file server for uploading files from outside world by using those OPEN VPN servers / VPN gateways.

My main concern is., is it possible for me to connect that WAN link to the 3560G multilayer switch, if I can really connect connect then what port do I need to connect to or should it be any specific port or it can be any.
If I cannot connect the WAN link that's coming from ISP to the 3560G MLS then can I connect it to the Wireless TP-LINK router and will this TP LINK router would be able to forward all VLANs traffic to the internet and also will it allow all the different VLANs to communicate with the every other VLAN in the network. As far as I know the TP-link router only supports STATIC routing .
If routing needs to enable on 3560G then what routing protocol do i need to use or can I just static routing and how about the port forwarding.

This is just a small basic setup . Any help or advice would be really appreciable .

There could be mistakes in my setup or the way I have explained things and please feel free to correct my setup or if you think there is some thing that needs to be changed.

Please find the attached diagram with this

Waiting for the quick response on this...please

Thanks

Mohammed Rashid

Mark Malone · ‎08-02-2016

Hi Mohammed

My main concern is., is it possible for me to connect that WAN link to the 3560G multilayer switch, if I can really connect connect then what port do I need to connect to or should it be any specific port or it can be any.

You could connect it direct but remember switches don't do any NAT so this may not be an option as your internet facing , as well the ISP termination would have to be Ethernet not adsl and the switch would need a ipbase image at least

If I cannot connect the WAN link that's coming from ISP to the 3560G MLS then can I connect it to the Wireless TP-LINK router and will this TP LINK router would be able to forward all VLANs traffic to the internet and also will it allow all the different VLANs to communicate with the every other VLAN in the network. As far as I know the TP-link router only supports STATIC routing .

Static routing is fine , just forward all your traffic with default route to the TP link router ip route 0.0.0.0 0.0.0.0 x.x.x.x, you need the router as the router will do the NAT(probably automatically on in small router like that just make sure its enabled but should be by default ) for any local devices that need to beak out onto the internet