891f as a Bridge/Gateway for 2 separate internal networks - Page 2

fbeye · ‎01-02-2021

So I have managed to do this on my ASA 5508-X using Interfaces 7 and 8 but am a little confused if this is possible on the 891f.

I have 2 Wi-Fi Routers in the home, one with a 10.0.1.x subnet and one with a 10.0.2.x subnet. There are two because one is hardcoded as a VPN Client offshore and one is open for home use. I have a NAS on the 10.0.2.115 that I want to be accessible internally on the 10.0.1.x subnet.

I would prefer to keep, lets say, Interface GE 6 and GE 7 as the two interfaces to use and to keep them away from connecting on each others internet access.. Like I wouldn't want 10.0.1.x to use 10.0.2.x external IP address, if that would be possible.

In my head I would create a zone-member security INTERNAL and attach GE 6 and 7 to that and then add access from GE6 (10.0.1.x) to GE7 (10.0.2.115) Port, whatever the NAS is on.

If I am correct at this point;

How do I go about assigning or configuring either GE 6/7 to accept the already preconfigured IP/Subnet from the other 2 existing Routers? Would I hardcode GE 6 as, lets say, 10.0.1.110 with Gateway 10.0.1.1 and GE 7 as 10.0.2.110 with Gateway 10.0.2.1 and then create 2 IP Routes on the Cisco?

If I am not correct at this point;

Is what I am wanting to do making sense and is it possible?

Thank you!

fbeye · ‎01-05-2021

Hello, I was wondering this would be acceptable configuration.

interface vlan 2

ip address 10.0.1.115 255.255.255.0

no shutdown

interface GigabitEthernet 4

switchport mode access

switchport access vlan 2

no shutdown

interface vlan 3

ip address 10.0.2.115 255.255.255.0

no shutdown

interface GigabitEthernet 5

switchport mode access

switchport access vlan 3

no shutdown

If that is correct, how is the routing done? Would it be configured on each of the other routers or would it be done on the Cisco? I ask because I attempted to do ip route 10.0.2.0 255.255.255.0 10.0.2.115 (assuming to access the 10.0.2.x network I’d have to go through 10.0.2.115 IP address (and opposite for the other way) ) but that didn’t take.

balaji.bandi · ‎01-05-2021

is this switch config you trying to add in to network - then this is ok, you need add static route back to Wifi Router IP for the respected VLAN

example

ip router 10.0.1.0 255.255.255.0 10.0.1.X (X is wifi router IP)

ip router 10.0.2.0 255.255.255.0 10.0.2.X (X is wifi router IP)

interface GigabitEthernet x/x << this is where Wifi router1 connects

switchport mode access

switchport access vlan 2

no shutdown

interface GigabitEthernet x/x << this is where Wifi router2 connects

switchport mode access

switchport access vlan 3

no shutdown

interface GigabitEthernet x/y << this is where your end device connected

switchport mode access

switchport access vlan 2

no shutdown

interface GigabitEthernet x/y << this is where your end device connected

switchport mode access

switchport access vlan 3

no shutdown

check your drawing to understand for all easy. (adding new switch in place)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

fbeye · ‎01-05-2021

Ahh Ok.

So this really is just to utilize 2 ports as a crossover in a sense. There would be no end devices connected. Only Router 1 to GigabitEthernet 4 and Router 2 going to GigabitEthernet 5 and then an IP Route allowing traffic to cross interfaces (vlan).