Hi,
I am really struggling to conceptualise how to get this to work, and would really appriciate some suggestions.
Setup
Retail VLAN (VLAN 203)
Range: 10.2.23.0/24
Default Gateway: 10.2.23.1
Internet VLAN (VLAN 2)
Range: 10.2.2.0/24
Default Gateway: 10.2.2.1
Plus many various corporate VLANs
Corp VLAN (VLAN 10)
Range: 10.2.10.0/24
Default Gateway: 10.2.10.1
The default route for the router is:
route 0.0.0.0/0 next-hop 10.2.2.1
Question
Is there a way for us to restrict access from the Retail VLAN (203) to all other VLANs and still allow it to access the default route to the Internet of 10.2.2.1?
There is also going to be a chance that we would want inbound access from other VLANs to the Retail VLAN, so do not want to completely remove routes to and from this network if possible.
We also have a large number of VLANs and do not wish to go to each VLAN and restrict inbound access from the Retail VLAN each time a new VLAN is created.
I hope I have provided a good enough explanation, if not please ask me for more details. I would really appreciate some help with this.
Josh