I have two ISP wan connections that need to terminate in a layer three switch. How can i use vlans to separate the connections terminating in the wan switch? I have i firewall that needs to be connected to this wan switch. How can i design this?what vlans do i need to create and how do I route them to the firewall?
Any example of deployment in this scenario would be helpful.
Are these Internet facing ISPs?
What type of switch do you have?
The providers usually don't use vlans. They use layer-3 point-to-point link. Most switches support routed layer-3 links. So, you can simply use a /30 per provider and establish 2 peering.
The links from ISP are the internet facing links. I have layer 3 switches i.e 3560's. I have seen a situation where the wan aggregation switch is segmented with vlans then traffic redirected to firewall,thats what i want to learn, why they do that.
Thanks for your response.
Usually that is the case when the provider provide you the public IP and they are your default gateway on the same segment.
So, a couple of questions:
Are you planning to use NAT, if yes, the 3560 series switches do not support NAT. You need a router to do that.
Do you have your own public IP segment or the provider is providing that too you?