Routing networks through VLAN to allow content filter
Posted on 2007-03-21
I have a few questions regarding something I would like to set up/change. I would like to block web access from all our IP-VPN connections. Currently we are provided a private IP-VPN solution through Bell. They have a Cisco router here that attaches to our LAN. I have a SonicWall router/firewall device as our gateway and edge device. I would like to use the content filtering feature of the SonicWall, but in order to do this I must turn on the content filter on the LAN zone to block the websites and such. This causes a problem because I do not want to restrict our local LAN with this service. The SonicWalls have other interfaces that I can plug the Bell service into, but I don't have access to change the LAN IP of their router, so I need a way to route traffic to it. I assume I can create a VLAN or two on our Cisco 3560 to enable what I need. I have attached a quick sketch of our current setup; I'm just not sure of the best route.
The problem that I face is that in order to hook up the IP-VPN network to the new SonicWall interface, it must be a different subnet. So I would assume I need to find a way to route between the two. Do I use VLANs? Is there a better way?
Cisco 3560 ----------------- Bell router (LAN IP 192.168.1.70)-------------------WAN connected to 10.0.0.0
Local subnet is 192.168.1.0/24
Do I create a VLAN on the Cisco 3560? Do I hook up the Bell network directly to the interface on the SonicWall?
Thanks in advance.