Happy Friday! I have recently taken over management of a network set up by another consultant. There are several VLANS set up on the network and at the moment, they all rely on a server running on the default VLAN for DHCP and DNS. All of the "production" VLANS are in 10.20.xxx.xxx ranges. The guest WiFi VLAN is on the 172.20.xxx.xxx range. 2 questions then. Can I group the "production" VLANS in a layer 3 firewall rule by denying traffic to/from 10.20.0.0/24? Will that kind of firewall rule prevent devices on this VLAN from obtaining IP addresses and DNS info from the server on the default VLAN? It's not a major tragedy if it does, I can have the MX respond to DNS queries on that VLAN I suppose. Thanks for your time.
... View more