Wired Intelligent Edge

Hello guys this is my scenario at my network as a Temporarily till i get firewall

Now I have   Router Cisco 888 from ISP

As you know Switch 8320 didn't have UTP only fiber optical so I contacted directly with my access switch

And make a vlan 10 then make the port untagged and connected with my core switch 8320 and make port between core and access as tagged, so my issue now there is any way to can allow internet through any vlan except vlan 10 

Such as I'm now at Vlan 15 with ip 192.168.10.10 can I make any configure at my core switch like a routing or any to make all vlans allow internet ??  
,Some one telling me i must add all Vlans at ISP Router with configure
router eigrp
and i didn't have access to ISP Router and i'm asking with any way from my Core switch 

------------------------------
Ahmed Fares
------------------------------

Your 8320 will cheerfully serve as your inter-VLAN router.  For example purposes, I am assuming your cisco box is on vlan10 with an ip address of 10.10.10.254, and that your layer 2 configuration is done.  You'd have a configuration on the 8320 like

Your clients on vlan 15 should use 192.168.10.1 as their default route.  This should be a barebones but working config.

------------------------------
John Kupski
------------------------------

Original Message:
Sent: Mar 01, 2021 03:10 PM
From: Ahmed Fares
Subject: Routing at Switch 8320

Hello guys this is my scenario at my network as a Temporarily till i get firewall

Now I have   Router Cisco 888 from ISP

As you know Switch 8320 didn't have UTP only fiber optical so I contacted directly with my access switch

And make a vlan 10 then make the port untagged and connected with my core switch 8320 and make port between core and access as tagged, so my issue now there is any way to can allow internet through any vlan except vlan 10 

Such as I'm now at Vlan 15 with ip 192.168.10.10 can I make any configure at my core switch like a routing or any to make all vlans allow internet ??  
,Some one telling me i must add all Vlans at ISP Router with configure
router eigrp
and i didn't have access to ISP Router and i'm asking with any way from my Core switch 

------------------------------
Ahmed Fares
------------------------------

Hi,

Yes but you need to add static route on ISP Router or enable NAT on core but it is not available on the switch (it is a router not a firewall)

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281
------------------------------

Original Message:
Sent: Mar 02, 2021 02:40 PM
From: John Kupski
Subject: Routing at Switch 8320

Your 8320 will cheerfully serve as your inter-VLAN router.  For example purposes, I am assuming your cisco box is on vlan10 with an ip address of 10.10.10.254, and that your layer 2 configuration is done.  You'd have a configuration on the 8320 like

conf 

int vlan 10

description To-Internet

ip address 10.10.10.1/24 

exit

int vlan 15

description Office-Access

ip address 192.168.10.1/24

exit

ip route 0.0.0.0/0 10.10.10.254

exit

Your clients on vlan 15 should use 192.168.10.1 as their default route.  This should be a barebones but working config.

------------------------------
John Kupski

Original Message:
Sent: Mar 01, 2021 03:10 PM
From: Ahmed Fares
Subject: Routing at Switch 8320

Hello guys this is my scenario at my network as a Temporarily till i get firewall

Now I have   Router Cisco 888 from ISP

As you know Switch 8320 didn't have UTP only fiber optical so I contacted directly with my access switch

And make a vlan 10 then make the port untagged and connected with my core switch 8320 and make port between core and access as tagged, so my issue now there is any way to can allow internet through any vlan except vlan 10 

Such as I'm now at Vlan 15 with ip 192.168.10.10 can I make any configure at my core switch like a routing or any to make all vlans allow internet ??  
,Some one telling me i must add all Vlans at ISP Router with configure
router eigrp
and i didn't have access to ISP Router and i'm asking with any way from my Core switch 

------------------------------
Ahmed Fares
------------------------------

Yes, the Cisco device will need routes back to whatever IP space he was using.  I admit I assumed he was using RFC1918 networks already and doing NAT on that router.

To follow up on my post to OP, the Cisco box does need to know about your internal networks and have routes (which should be the 8320) but it does not (necessarily) need to knwo about all of OPs VLANs, or being using EIGRP or other routing protocols... static routes would likely be preferable for something this simple.

------------------------------
John Kupski
------------------------------

Original Message:
Sent: Mar 02, 2021 03:28 PM
From: Alexis La Goutte
Subject: Routing at Switch 8320

Hi,

Yes but you need to add static route on ISP Router or enable NAT on core but it is not available on the switch (it is a router not a firewall)

------------------------------
PowerArubaSW : Powershell Module to use Aruba Switch API for Vlan, VlanPorts, LACP, LLDP...

PowerArubaCP: Powershell Module to use ClearPass API (create NAD, Guest...)

PowerArubaCX: Powershell Module to use ArubaCX API (get interface/vlan/ports info)..

ACEP / ACMX #107 / ACDX #1281

Original Message:
Sent: Mar 02, 2021 02:40 PM
From: John Kupski
Subject: Routing at Switch 8320

Your 8320 will cheerfully serve as your inter-VLAN router.  For example purposes, I am assuming your cisco box is on vlan10 with an ip address of 10.10.10.254, and that your layer 2 configuration is done.  You'd have a configuration on the 8320 like

conf 

int vlan 10

description To-Internet

ip address 10.10.10.1/24 

exit

int vlan 15

description Office-Access

ip address 192.168.10.1/24

exit

ip route 0.0.0.0/0 10.10.10.254

exit

Your clients on vlan 15 should use 192.168.10.1 as their default route.  This should be a barebones but working config.

------------------------------
John Kupski

Original Message:
Sent: Mar 01, 2021 03:10 PM
From: Ahmed Fares
Subject: Routing at Switch 8320

Hello guys this is my scenario at my network as a Temporarily till i get firewall

Now I have   Router Cisco 888 from ISP

As you know Switch 8320 didn't have UTP only fiber optical so I contacted directly with my access switch

And make a vlan 10 then make the port untagged and connected with my core switch 8320 and make port between core and access as tagged, so my issue now there is any way to can allow internet through any vlan except vlan 10 

Such as I'm now at Vlan 15 with ip 192.168.10.10 can I make any configure at my core switch like a routing or any to make all vlans allow internet ??  
,Some one telling me i must add all Vlans at ISP Router with configure
router eigrp
and i didn't have access to ISP Router and i'm asking with any way from my Core switch 

------------------------------
Ahmed Fares
------------------------------