I am pretty new to setting up VLANs and I need to set up some on one of my networks. Here is what I have come up with so far.
Total of 6 VLANs
Services 10.20.0.1/24 VLAN 2 (Shared resources, Printers, File, Print and Data servers)
Staff 10.20.2.1/24 VLAN 3
Student 10.20.4.1/22 VLAN 4
Guest 10.20.8.1/22 VLAN 5
I am using a Fortigate for firewall and some routing, but I would rather the switches handle all the routing between VLANs. I do not want any of the VLANs to talk to each other, with the exception of staff and student talking to services. We are a Windows environment using Windows DHCP and DNS for clients.
My question is what would be the best way of handling this?
Do I trunk the server ports and the Fortigate ports?
How do I keep Staff and Student talking only to services and not each other?
The guest VLAN is for Internet only; that one I may just trunk to the Fortigate and let it handle it, since I do not want it talking to anything but the Fortigate.
Could I put another trunk for the Fortigate into the services VLAN for Internet access?
A lot of questions, I know, but I would rather get them all out there instead of making this a long, drawn-out thread.