Configure interconnecting VLANs (firewall and gateway on Coresw)

[TigerDao]

Configure connection VLAN​

Model:

The gateway of vlan 20 is on the firewall (in the experiment, we used a router to simulate the firewall)

The 10.30 vlan has a gateway on the core switch

We need to configure the PC of vlan 20 to connect to vlan 10.30. The flow chart is as follows:

Configuration:

Between the firewall and the core switch we create vlan 40:

Then allow additional vlan 20 on the switch and set subinterface e0/0.20 on the router

​

router:

Interface Ethernet0/0.20

Package dot1Q 20

IP address 192.168.20.1 255.255.255.0

!

Interface Ethernet0/0.40

Package dot1Q 40

IP address 10.1.2.1 255.255.255.0

!

IP routing 192.168.10.0 255.255.255.0 10.1.2.2 ##Route to LAN range vlan 10

IP routing 192.168.30.0 255.255.255.0 10.1.2.2 ##Route to LAN range vlan 30




Switch core:


Interface Ethernet 0/0 ##Connect to the port of the firewall

Switch port trunking allows VLAN 20.40

Switch port trunk encapsulation dot1q

switch port mode trunking

!

Interface Ethernet 0/1

Switch port access VLAN 20

Switch port mode access

!

Interface Ethernet 0/2

Switch port access VLAN 10

Switch port mode access

!

Interface Ethernet 0/3

Switch port access VLAN 30

Switch port mode access

!


Interface VLAN10

IP address 192.168.10.1 255.255.255.0

Do not shut down

!

Interface VLAN30

IP address 192.168.30.1 255.255.255.0

Do not shut down

!

Interface VLAN40 ##Connect to firewall

IP address 10.1.2.2 255.255.255.0

Do not shut down

!

IP routing 192.168.20.0 255.255.255.0 10.1.2.1 ##Route through firewall to VLAN range 20



Test again:

VLAN 20 ping VLAN 10 and VLAN 30: OK

Xem tiếp...