Re: Internet to switch from Firewall

kcross · ‎12-06-2022

So we are gearing up to replace a netgear switch with a Cisco Catalyst 9300 and I have a few questions regarding the config between the switch and the firewall. The firewall acts as a DCHP server, DNS, and handles all routing so in our case the switch will only act as a Layer 2 device. In our case Gigabit Ethernet 1/0/1 is connected to the firewall as a trunk port to pass all other VLAN traffic to it. We have the default gateway set to 10.10.1.10 which is a apart of the VLAN 1 subnet on the firewall (10.10.1.1). Would using VLAN 1 cause any issues with passing traffic since this is the default subnet? I will share a copy of our cisco switch config as well as the interfaces on the firewall. Any help would be greatly appreciated! Also in our config does it show VLAN 1 is even created? I imagine it is because it is the default vlan but would like some confirmation on this as well

kcross · ‎12-06-2022

Also, is there a reason I am unable to see the first port gigabit ethernet 1/0/1?

Reza Sharifi · ‎12-06-2022

Per below config, the default gateway is part of vlan 5. Also, there is no access port assigned to vlan 5 on the this switch. 


interface Vlan5
 ip address 10.20.1.10 255.255.255.0
!
ip default-gateway 10.20.1.1

kcross · ‎12-06-2022

I apologize, the VLAN 5 is apart of a test network, we will be moving the default gateway to 10.10.1.1 and using VLAN 1

kcross · ‎12-06-2022

In our live environment the default gateway will be 10.10.1.1 which is why we have the SVI created for VLAN 1 (10.10.1.10). Would using VLAN 1 cause any sorta issues here?

Reza Sharifi · ‎12-06-2022

Vlan 1 should work fine, but for security reasons, most organizations shut down vlan 1 altogether and use a different VLAN as the native vlan.

HTH