This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
Can I isolate VLAN traffic without using a firewall?
I would like to create a switch configuration having 3 VLANS in routed mode so that the following would be true:
a) An external Internet router (i.e., one plugged into one of the VLANS) is the gateway for all devices on all VLANS;
b) No device on any VLAN can access a device on any other VLAN. Each VLAN is therefore "private."
Is this possible? If so, what should the default route be in the routing table, assuming I have VLAN10 addressed as 192.168.10.0/24, VLAN20 as 192.168.20.0/24, and VLAN30 as 192.168.30.0/24?
Lastly, is an external firewall needed to protect each VLAN from all other VLANs? Or can a switch configuration take care of this?
Basically, by default, VLANs do not communicate with each other that is why we created VLANs to separate the devices on each network. Even if there is a firewall, as long as the inter-VLAN routing is disabled, then it will be isolated.
Basically, by default, VLANs do not communicate with each other that is why we created VLANs to separate the devices on each network. Even if there is a firewall, as long as the inter-VLAN routing is disabled, then it will be isolated.
