Wed, Jun 23, 2021 9:30 AM

Routing and ACL. To direct traffic to firewall


I have a very unique setup which I would like to implement in the company.

We have a Stack of 7850 as Core Router. We have up to 100 VLANs implemented.
I plan to route some of the VLANs in the Switch Stack, e.g. VLAN1 to VLAN2 is routed over the switch. Same with VLAN3 to VLAN4.
To the firewall I want to configure transfer VLANs, e.g. VLAN1 and VLAN2 are using VLAN10 to get to the firewall and VLAN3 to VLAN5 use VLAN11 (this is because of the nature of the existing VLANs and the firewall using the VLAN ID to apply the rules).

I'm new to Ruckus, so I'm not sure if my idea to get this working will work.
When I implement an ACL on VLAN1 to deny access to VLAN3, will the switch stop all traffic to VLAN3, or can I set a route over VLAN10 and back from the firewall so VLAN1 will only access VLAN3 via the firewall?



5 m ago

Hey there, 

If you apply an ACL on vlan1, it will be checked any time traffic ingresses that vlan/ve. It will not affect traffic that never uses vlan1 as a path (e.g. vlan10 > vlan3).

Overall, this seems like a design question that should be handled by the Systems Engineer and/or your account team. I would advise getting in touch with them and they can help you from that standpoint. If you are unsure who that is, please feel free to open a support case (see below) and we can try to find the correct contact for you. 
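As an added example (not part of the thread and not Ruckus code), the following Python model walks a few packets through an inbound ACL bound to ve 1 and a longest-prefix-match route lookup, which is enough to see the point made in the reply: the ACL is only consulted for packets that ingress VLAN1, so a packet arriving from the firewall on VLAN10 and heading to VLAN3 is never touched by it. All subnets, the /30 transfer VLAN10, the firewall address 10.10.10.2 and the ACL entries are constructed assumptions for illustration.

```python
"""Added example (not from the thread): a small packet-forwarding model that
shows why an inbound ACL on VLAN1's VE only affects traffic that enters the
switch on VLAN1. Subnets, VLAN numbers and the firewall address are assumed."""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network


@dataclass(frozen=True)
class Packet:
    ingress_vlan: int
    src: str
    dst: str


# Assumed addressing: one VE per routed VLAN; VLAN10 is the transfer VLAN
# towards the firewall, which sits at 10.10.10.2 (constructed values).
VE_SUBNETS = {
    1: ip_network("10.1.1.0/24"),
    2: ip_network("10.1.2.0/24"),
    3: ip_network("10.1.3.0/24"),
    10: ip_network("10.10.10.0/30"),
}
FIREWALL = "10.10.10.2"

# Static routes held on top of the connected routes; here only a default
# route pointing at the firewall, as in the questioner's design.
STATIC_ROUTES = [(ip_network("0.0.0.0/0"), FIREWALL)]

# Inbound ACL on ve 1, evaluated only for packets that ingress VLAN1.
# Entries are (action, src_net, dst_net); first match wins, and an ACL ends
# in an implicit deny, so an explicit permit-any is needed at the bottom.
ACLS = {
    1: [
        ("deny", ip_network("10.1.1.0/24"), ip_network("10.1.3.0/24")),
        ("permit", ip_network("0.0.0.0/0"), ip_network("0.0.0.0/0")),
    ],
}


def acl_permits(vlan, pkt):
    """Apply the inbound ACL bound to the ingress VE, if any."""
    entries = ACLS.get(vlan)
    if entries is None:
        return True  # no ACL bound on this VE: everything passes
    src, dst = ip_address(pkt.src), ip_address(pkt.dst)
    for action, s_net, d_net in entries:
        if src in s_net and dst in d_net:
            return action == "permit"
    return False  # implicit deny at the end of the list


def lookup_route(dst):
    """Longest-prefix match over connected and static routes.
    Returns ('connected', vlan), ('static', next_hop) or None."""
    dst = ip_address(dst)
    best = None
    for vlan, net in VE_SUBNETS.items():
        if dst in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, ("connected", vlan))
    for net, next_hop in STATIC_ROUTES:
        if dst in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, ("static", next_hop))
    return best[1] if best else None


def forward(pkt):
    """Describe what the switch does with the packet: ACL first, then routing."""
    if not acl_permits(pkt.ingress_vlan, pkt):
        return f"dropped by ACL on ve {pkt.ingress_vlan}"
    route = lookup_route(pkt.dst)
    if route is None:
        return "no route"
    kind, target = route
    if kind == "connected":
        return f"forwarded to vlan {target}"
    egress = lookup_route(target)  # resolve the next hop to its egress VLAN
    return f"forwarded to vlan {egress[1]} via {target}"


# Constructed sample packets covering the cases discussed in the thread.
EXAMPLES = {
    "vlan1 -> vlan3 directly": Packet(1, "10.1.1.20", "10.1.3.20"),
    "vlan1 -> vlan2 (routed in the stack)": Packet(1, "10.1.1.20", "10.1.2.20"),
    "vlan1 -> outside via firewall": Packet(1, "10.1.1.20", "203.0.113.7"),
    "firewall -> vlan3 (arrives on vlan10)": Packet(10, FIREWALL, "10.1.3.20"),
}

if __name__ == "__main__":
    for label, pkt in EXAMPLES.items():
        print(f"{label:40s} {forward(pkt)}")
```

The last case is the one the reply describes: the firewall's packet enters on VLAN10, no ACL is bound there, and it is routed straight into VLAN3. The first case also shows a limit worth keeping in mind: a deny entry on ve 1 drops the VLAN1-to-VLAN3 packet, it does not redirect it. Because the VLAN3 subnet is directly connected on the same stack, its connected route always beats the default route towards the firewall in the longest-prefix match, so an inbound ACL on its own cannot steer that traffic through the firewall.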

