catalyst 6513 vlan question

[thenetpoet]

hi,

we have a cat 6513 and a number of vlans attached to it, for example vlan 500, 501, 502,503.
By default those vlans communicate with eachother.
What we'd like to do is redirect all traffic from vlan 500 destined for vlan 501 to a firewall in vlan 502, and then the firewall should decide if this traffic will be allowed.
The problem we have is that all vlans are directly connected and thus communicate from this route which has a metric of 0.
We tried route maps on the vlan interface but with no luck.
Any suggestions?

 

[laptop8]

If I remember correctly, there is a command on the 6500 series like "vlan alias" where one vlan is directly connected to another vlan. It is acually supposed to transpose traffic from vlan A to vlan B and then disabling vlan A. But maybe you can use this function for your purpose.

 

[Guest_imported]

not sure if i get it completely, but i would remove routing between the vlans, put one firewall interface in vlan 500, use that ip as default gateway. Put othe rfirewall interface in vlan 501 and do the same. That way the firewall can route between vlans.

Or am i missing something

 

[laptop8]

That is right and will function!