Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
472
Views
0
Helpful
1
Replies

Create VLan in local infrastructure using Firewall routing

ashishd-1983
Level 1
Level 1

‎02-27-2015 06:37 AM - edited ‎03-07-2019 10:52 PM

HOW TO BUILD VLAN in L2 switch SM300 with firewall routing.

 

 

Query:

 

In our infrastructure we have two network zones. 1st one is local network (back office) 2nd one is Secure Network (FAMS).

 

We have 2 switches and 1 SonicWALL nsa2600 Firewall to manage our generic network.

 

Switch Models description

 

1. CISCO SM300-28

2. CISCO SM300-52

 

28 port switch is our uplink switch where we have created 4 port V-Lan for our Secure Network (FAMS).

 

52 port is our user network switch where, every user back office and secure network are connected.

 

What we want to do…

 

We want to use our SM300-52 port sharing through vLan.

 

In this scenario, we want 48 ports can isolate with 24 port for our secure network (FAMS) and 24 port can use for our back office network (Local network). But want to make sure that both network should not communicate with each other.

 

We have already created a routing rule through SonicWALL Firewall.

 

Our backbone MAP

 

Network Map

 

As we have L2 switch so that we can route through Sonicwall Firewall.

We have already created vlan-3 for both switch to communicate but it's not done.

Could you please help me out what should I have to do here.

 

-Ashish

 

Labels:
0 Helpful
1 Reply 1

josoneal
Cisco Employee
Cisco Employee

‎03-09-2015 09:34 AM

Hello Ashish,

Configure one of your CISCO SM300-28 switch ports as a trunk with all those VLANs added (all tagged, except the default VLAN of course). This will connect to your Sonicwall. You will also need to connect a second switch port from your CISCO SM300-28 to a switch port to your CISCO SM300-52. This connection will also be configured as a trunk with all VLANs added. Set the appropriate VLANs to eash switched port.

You will then need to add subinterfaces on the Sonicwall for each VLAN. So if X0 is the port connected to the switch, add X0.70, X0.80, etc. to the Sonicwall, with an IP in that VLAN, and set the subinterface to be on the appropriate VLAN.

Apply your routing rules through your SonicWall rules. You can also apply any ACL rules on the Cisco switches to for further filtering.

0 Helpful
Customers Also Viewed These Support Documents