06-08-2022 01:02 PM - edited 06-08-2022 01:39 PM
Hi All!
I got dragged into a partly configured project & am trying to piece together what's needed
*UPDATE because I worded this poorly
Network:
Firewall -> Aggregate C3850-S
-> Trunk -> (A) C3850-S
-> Trunk -> (B) C3850-S
-> Trunk -> (C) C3850-S
A, B, & C contain many /30 Vlans connected to corresponding DHCP pools (They give out 1 specific IP)
Vlans are all configured with an INT address & are only populated on their corresponding switch
A is 192.168.5.0 - split into Vlan 2-20 all /30
B is 192.168.6.0 - split into Vlan 26-49 all /30
C is 192.168.7.0 - split into Vlan 50-73 All /30
The trouble, as always, is internet access. I've tried a lot of different route combinations on the Firewall & Switches but they never seem to pick up internet access
A buddy theorized I could make the interface on the firewall 192.168.4.1/16 & make that the default router for all the vlan (DHCP) but I cannot seem to get that to work
Any ideas? Struggling here
06-08-2022 01:31 PM
The links between all switches are Trunks - the only common Vlan between them is Vlan 1
Currently the link between the aggregate switch & the firewall is trunk allow all vlan
06-08-2022 01:33 PM
Switches all are trunk ports they allow their Vlan connections - the only common Vlan is vlan 1
The Aggregate switch to the Firewall is Trunk allow Vlan all
06-08-2022 01:21 PM
Hi
Does your firewall support subinterfaces and dot1q?
You can create vlan per switch and corresponding subinterface on the firewall. The firewall would perform intervlan routing and traffic filtering among those vlans and would be the gateway to the internet.
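The addressing described in this thread, worked through as an added example (not code from any poster): it carves the three blocks into /30s for the listed VLAN ranges and checks whether a candidate default router is on-link for the /30 clients and how a firewall interface with a wider mask sees the same subnets. The in-order /30 allocation and the SVI taking the first host address are assumptions.

```python
import ipaddress

# Address blocks and VLAN ranges as given in the question.
SWITCHES = {
    "A": ("192.168.5.0/24", range(2, 21)),
    "B": ("192.168.6.0/24", range(26, 50)),
    "C": ("192.168.7.0/24", range(50, 74)),
}


def plan(switch):
    """Return [(vlan, subnet, svi_ip, client_ip)] for one switch.

    Assumption: /30s are carved in order from the block, the SVI takes the
    first host address and the single DHCP lease is the second.
    """
    block, vlans = SWITCHES[switch]
    subnets = ipaddress.ip_network(block).subnets(new_prefix=30)
    rows = []
    for vlan, net in zip(vlans, subnets):
        svi, client = net.hosts()  # a /30 has exactly two host addresses
        rows.append((vlan, net, svi, client))
    return rows


def on_link(client_subnet, gateway):
    """A client can only ARP for a default router inside its own subnet."""
    return ipaddress.ip_address(gateway) in client_subnet


def usable_gateways(switch, candidate):
    """VLANs on this switch whose clients could use `candidate` directly."""
    return [vlan for vlan, net, _, _ in plan(switch) if on_link(net, candidate)]


def firewall_sees_connected(switch, fw_interface):
    """True if the firewall interface's own network covers every /30,
    i.e. the firewall would treat those clients as directly attached."""
    fw_net = ipaddress.ip_interface(fw_interface).network
    return all(net.subnet_of(fw_net) for _, net, _, _ in plan(switch))


if __name__ == "__main__":
    for vlan, net, svi, client in plan("A")[:3]:
        print(f"Vlan{vlan}: {net} SVI {svi} client {client}")
    print("VLANs that can use 192.168.4.1:", usable_gateways("A", "192.168.4.1"))
    print("Firewall /16 covers A:", firewall_sees_connected("A", "192.168.4.1/16"))
```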