I have VLAN 1 using IP range 192.168.0.x as a primary network.
A web server accepting incoming requests from the internet is on VLAN 3 using IP range 192.158.10.x.
Inter-VLAN routing is disabled.
I want to keep the web server VLAN3 fairly walled off from the primary network, with the exception of web and RDP traffic (ports 80, 443, and 3389) from VLAN 1 machines to the VLAN 3 server.
For example, a client on VLAN 1 should be able to open a web page on the VLAN 3 server using the public Internet IP address.
The connection is failing currently, I assume because Inter-VLAN routing is disabled.
How can I allow web and RDP traffic from VLAN 1 to VLAN 3 while blocking everything else on VLAN 3?