What needs to be configured in a firewall placed between router and core switch running on trunk mod...

getaway51 · ‎11-03-2017

Currently the trunk status between core switch and router is UP and running all traffic for all VLANs.

If i placed a firewall between the trunk connection, can traffic still goes through?

1)Can the firewall configured as L2 transparent mode for this purpose? Can the trunk between router & core switch still UP?

Someone told me that traffic from router to switch stiill working, but firewall policy wont take affect since it doesnt understand tagged frame, is it true?

2)OR i need to configure both firewall ports facing to core switch & router as Trunk port(allowed all VLANs).Only then the fw can understand tagged frame & fw rules will take effect.

Which method 1) or 2) is working or both working?

Pls helppp!!!!

Flavio Miranda · ‎11-04-2017

Hello @getaway51

There's no trunk or l2 more firewall. What we have is routed or transparent more.

The answer for you questions is: If you install a firewall between those switches and you are using trunk, then you need to configure trunk between firewall and switches, even in transparent mode.

-If I helped you somehow, please, rate it as useful.-

getaway51 · ‎11-04-2017

Thank you for yr comments.
1)Do you mean that even if the fw is configured as transparent mode,it
won't work in this scenario unless both ports setup as trunk port with
appropriate vlan tagging?
2)Can the trunk still up if fw setup as transparent mode without trunk
configuration?

Is there any reason behind this?

What needs to be configured in a firewall placed between router and core switch running on trunk mode