Hey Everyone,
TLDR: I have VLANs A, B, C, D. How can I enable IP routing between VLANs A and B, C and D, but not A or B to C or D?
I do a lot of industrial networking as a consultant. The industrial world doesn't really do a TON of dynamic routing; in this case everything will be static. I very frequently use a L3 Core switch to do IP routing between all my VLANs. Almost as frequently I use a Firewall as a Router between all VLANs.
(Overly simplified) I have a situation where I have 5 departments all connected to a core switch. Each dept has 25 VLANs within it. All depts share the same core/distribution switches and there is no good way to change that.
Within a department I want to route all 25 VLANs on my L3 Core switch so they can talk freely, but I want to route between different departments on the firewall for additional inspection. How can I make this work? ACL? Something else? I'm stumped but possibly missing an obvious solution.
This particular environment is all Cisco Catalyst.
Thanks!
aapitten
-CCNA Industrial