creeping666
Technical User
I'm not sure how to setup VLANs with a zone based firewall:
Scenario
--------
On the network there are:
1) Common devices that all VLANs need access to (printers, scanners ...)
2) Servers that only some VLANs need access to (sales, admin, production ...)
3) Guest VLANs that should only have access to the common devices VLAN
Sample network
--------------
- 2950 swicth trunked to a router with sub interfaces or SVI's and IP routing enabled. (router on a stick)
- The switch and router have the same VLAN's.
Questions
---------
1) Would you put each VLAN in its own zone and then setup zone pairs between them?
If so, it seems like a lot of almost double up configuration if there were lots of VLANs
Is there a better way to do it?
Thanks.
Scenario
--------
On the network there are:
1) Common devices that all VLANs need access to (printers, scanners ...)
2) Servers that only some VLANs need access to (sales, admin, production ...)
3) Guest VLANs that should only have access to the common devices VLAN
Sample network
--------------
- 2950 swicth trunked to a router with sub interfaces or SVI's and IP routing enabled. (router on a stick)
- The switch and router have the same VLAN's.
Questions
---------
1) Would you put each VLAN in its own zone and then setup zone pairs between them?
If so, it seems like a lot of almost double up configuration if there were lots of VLANs
Is there a better way to do it?
Thanks.
