07-02-2024 03:13 AM
Question
Hey there,
we have IT debt made by previous workers and we need to fix that.
Following Situation:
Switch config
VLAN 10 is our Client Network
VLAN 20 is our Server Network
Intervlan Routing is active
Path
User > Access-Switch > Core-Switch > Dell Switch > ESXI-Host > Virtualized Server
Internal users are able to communicate with servers without passing through our firewall. We want to forward all client > server traffic through our firewall in order to set the necessary security rules. Removing VLAN 20 would cause a lot of problems. How can we disable inter-VLAN routing between those two VLANs in order to route traffic to our FW? Any ideas or other suggestions?
07-02-2024 03:16 AM
Just make the FW the gateway for the servers and clients. This is done by DHCP: make DHCP push the FW IP to the clients and servers.
MHM
07-02-2024 04:17 AM
Who is doing inter-VLAN routing? Your core switch, an L3 switch, right?
You have some options: disable inter-VLAN routing for all VLANs on the Cisco switch with the no ip routing command; remove the default gateway from PCs (prevents reaching remote networks); use ACLs or VLAN ACLs (VACLs, aka VLAN access maps) - the fancy way of doing things.
Regards, ML
**Please Rate All Helpful Responses**
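Added example, not part of any post in this thread: a small Python audit that answers the reply's question of who is doing the inter-VLAN routing, by reading a saved running-config and reporting whether the switch itself can route between two VLANs. The sample config, its addresses and the function names are constructed for illustration, and the script assumes routing is enabled unless `no ip routing` appears in the config.

```python
import re

# Constructed running-config excerpt for a core L3 switch (addresses are made up).
SAMPLE_CONFIG = """\
ip routing
!
interface Vlan10
 description Clients
 ip address 10.0.10.1 255.255.255.0
!
interface Vlan20
 description Servers
 ip address 10.0.20.1 255.255.255.0
!
interface Vlan30
 description Unused
 ip address 10.0.30.1 255.255.255.0
 shutdown
!
"""

SVI_RE = re.compile(r"^interface Vlan(\d+)[ \t]*\n((?:[ \t]+.*(?:\n|$))*)", re.M)

def routed_svis(config):
    """Map VLAN id -> inbound ACL name (or None) for each SVI the switch routes for."""
    # Assumption: routing is on unless the config says "no ip routing".
    if re.search(r"^no ip routing[ \t]*$", config, re.M):
        return {}
    svis = {}
    for match in SVI_RE.finditer(config):
        lines = [line.strip() for line in match.group(2).splitlines()]
        if "shutdown" in lines or not any(l.startswith("ip address ") for l in lines):
            continue  # SVI is down or is layer 2 only, so it is not a gateway
        acl = next((l.split()[2] for l in lines
                    if re.fullmatch(r"ip access-group \S+ in", l)), None)
        svis[int(match.group(1))] = acl
    return svis

def direct_path(config, vlan_a, vlan_b):
    """Return the two SVIs' inbound ACLs if the switch can route a<->b itself, else None."""
    svis = routed_svis(config)
    if vlan_a in svis and vlan_b in svis:
        return {vlan_a: svis[vlan_a], vlan_b: svis[vlan_b]}
    return None

if __name__ == "__main__":
    print(direct_path(SAMPLE_CONFIG, 10, 20))
```

A non-`None` result means client-to-server traffic can be routed on the switch without reaching the firewall; any ACL names it returns still have to be reviewed by hand, since the script does not evaluate their rules.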