My topology looks like this:
<--> VLAN 1 ------------- -------------------------- Internet <--> | Router / FW | <---> | Switch (VLANs + Subnets) | <--> VLAN 10 ------------- -------------------------- <--> VLAN 192
- The routers LAN interface has IP
10.10.1.127 / 22, so for VLAN 10 10.10.0.0 / 22 i have internet connection.
- Also, i have routing set up between
VLANs so i can ping any computer in
any vlan from any vlan.
As i understand, i need an interface for each vlan on router to be able to give internet connection to that vlan. I’ve tried plugging additional interface, and i’ve managed to get internet connection on additional vlan (vlan i configured interface on).
Isn’t there any other possibility/routing option to share internet accross all vlans with 1 interface? I may have VLANs over 4 that needs internet connection. I may run out of PCI slots for that and it also wastes ports on my switch.
Maybe the router software should be changed? It’s just a regular PC box. The router part is there for NATing, port forwarding and firewalling.
Maybe there is an alternative configuration option – like i could just put that box aside, plug internet into switch and just run all thraffic to/from internet throught that firewall? How do you call that – routing/firewalling on a stick? Is that possible?
as you have a layer-3 switch, you can create another vlan for your internet connection only, which will be connected to your router.
you can then assign members of different vlans to internet vlan for them to have internet access.
Basically setting up inter-vlan routing in your switch via “ip routing”.
default gateway for the switch would be the router taking it out to the internet either globally or a separate vlan.
Hope that helps