Setup - Layer 3 switch with multiple VLANS. I want to connect a DSL router into one of the switch ports and have only certain VLAN members (call it Vlan 5) use the router for Internet access.
I obviously do not want any risk of Vlan 5 being able to route to other vlans/subnets on the L3 switch.
So far I've configured the switchport that will take the DSL router to be in VLAN 5 and the plan is to have the router dish out IP addresses via DHCP to VLAN 5 members. The DHCP pool is 10.1.1.0 /24
Do I need to have some sort of ACL on the VLAN interface?
The end result is to have 10.1.5.0 /24 network (Vlan 5) totally independent with no risk of traffic being able to traverse other areas of the network.
Is it just a case of adding machines to Vlan 5 switchports and they will pick up DHCP from the router? Any security concerns I would need to look into?