- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: Can I isolate VLAN traffic without using a firewall?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would like to create a switch configuration having 3 VLANS in routed mode so that the following would be true:
a) An external Internet router (i.e., one plugged into one of the VLANS) is the gateway for all devices on all VLANS;
b) No device on any VLAN can access a device on any other VLAN. Each VLAN is therefore "private."
Is this possible? If so, what should the default route be in the routing table, assuming I have VLAN10 addressed as 192.168.10.0/24, VLAN20 as 192.168.20.0/24, and VLAN30 as 192.168.30.0/24?
Lastly, is an external firewall needed to protect each VLAN from all other VLANs? Or can a switch configuration take care of this?
Thanks,
Tim_in_VA
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Welcome to our community! 🙂
Basically, by default, VLANs do not communicate with each other that is why we created VLANs to separate the devices on each network. Even if there is a firewall, as long as the inter-VLAN routing is disabled, then it will be isolated.
Regards,
John
NETGEAR Community Team
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Welcome to our community! 🙂
Basically, by default, VLANs do not communicate with each other that is why we created VLANs to separate the devices on each network. Even if there is a firewall, as long as the inter-VLAN routing is disabled, then it will be isolated.
Regards,
John
NETGEAR Community Team