Multiple VLAN's with one internet connections
11-02-2018 12:56 AM
I'm setting up a network for a WeWork kind of scenario, when a bunch of different businesses share a common infrastructure. I have a bunch of 2930F switches and a Check Point 790 Firewall/Router that connects to the Internet. I want to assign every business a dedicated VLAN and subnet to segregate them, so they cannot see each other, but they could get Internet connectivity and DHCP from the router for each subnet.
A good guide would be much appreciated!
Re: Multiple VLAN's with one internet connections
11-05-2018 10:33 AM
As you have a dedicated firewall/router appliance to perform the role of gateway and traffic segregation, the best solution in this case would be to use Layer 2 VLANs on the 2930F (no IP addressing), untagged on the client ports and tagged across the uplink to the Check Point appliance, which would use firewall rules and/or ACLs to prevent inter-VLAN routing while permitting each business to utilize the shared Internet connection.