08-21-2007 01:17 PM - edited 03-03-2019 06:24 PM
Hi,
I need to allow multiple vlans access to shared subnets whist maintaining vlan and IP security via a FW. What's be best way of doing this ?
08-21-2007 01:33 PM
Which FW do you have?
if you have an ASA firewall you can create security contexts and map these to each vlan you create on the switches
HTH
Narayan
08-21-2007 01:59 PM
Thanks,
That's basically what I'm looking to do. I have Checkpoint FW, is it possible to map vlans to subnet's/ports using Checkpoint ?
08-21-2007 10:41 PM
Hi
Not entirely sure i fully understand your requirements.
If you want to map checkpoint interfaces to vlans then just ensure the relevant port that the checkkpoint interface connects into is in the right vlan.
Checkpoints can also do 802.1q trunking.
Jon
08-22-2007 12:01 AM
Jon,
I think the user wants to have virtual instances & each instance to be mapped to one vlan.
If we map the physical interfaces, thne he may require a lot of them depending on the vlans
Narayan
08-22-2007 12:31 PM
yes I have an 802.1q truck carrying multiple vlans to the FW and the same on the other side...
for example I want to allow vlan 10,20 & 30 to access vlan 100 on the inside but don't want 10,20 & 30 to be able to talk to each other via vlan 100 !
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide