Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
316
Views
0
Helpful
3
Replies

Looking for topology help

Go to solution
maxmaxmax
Level 1
Level 1

‎07-21-2004 05:26 AM - edited ‎03-02-2019 05:12 PM

I am new to setting up a routing infrastructure and I have a 2 part question...

1. I will be routing up to 3 vlans on 1 switch with a 1721 router. Can I configure virtual interfaces on the router, or do I need actual physical ethernet ports on the router that are physically connected to ports on my switch from each vlan?

2. In terms of topology, I currently have a flat network where my gateway is my firewall (no router). If I add the router in between my switch and my firewall, can I just change the ip of the firewall from being the gateway address that the router will then become, to be a node on one of my vlans?

Thanks.

Labels:
0 Helpful
3 Accepted Solutions

Accepted Solutions

Go to solution
rwcrowe
Level 1
Level 1

‎07-21-2004 06:01 AM

1) You do not need to have a seperate physical interface in each VLAN for the router. You can use sub-interfaces for each VLAN. Below is an example, just look at the relavant section on configuring the external router for inter-vlan routing.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1826/products_configuration_guide_chapter09186a0080088102.html

http://www.cisco.com/en/US/tech/tk389/tk390/technologies_configuration_example09186a00800949fd.shtml

2) It would be easier to just assign the router as the default gateway for each subnet. Then the router will have a default route to the firewall.

View solution in original post

0 Helpful

Go to solution
Kanwar
Level 1
Level 1

‎07-21-2004 06:01 AM

you can do this if your router has fastethernet and the correct IOS. you can create sub interfaces on 1721 with fastethernet that link be a trunk link. so on the switch you have three vlans connected to the router with a trubk line. from there you can do a default route to the Firewall.

HTH

View solution in original post

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎07-21-2004 06:03 AM

Hello,

the 1721 supports 802.1Q (not ISL) inter-VLAN routing, so you do not need different physical Ethernet ports, you can configure the existing port as a trunk port and use virtual interfaces.

I guess configuring the firewall as a node on one of the VLANs will work, as long as there is a default route on the router pointing to the firewall...

Regards.

GP

View solution in original post

0 Helpful
3 Replies 3

Go to solution
rwcrowe
Level 1
Level 1

‎07-21-2004 06:01 AM

1) You do not need to have a seperate physical interface in each VLAN for the router. You can use sub-interfaces for each VLAN. Below is an example, just look at the relavant section on configuring the external router for inter-vlan routing.

http://www.cisco.com/en/US/products/sw/iosswrel/ps1826/products_configuration_guide_chapter09186a0080088102.html

http://www.cisco.com/en/US/tech/tk389/tk390/technologies_configuration_example09186a00800949fd.shtml

2) It would be easier to just assign the router as the default gateway for each subnet. Then the router will have a default route to the firewall.

0 Helpful

Go to solution
Kanwar
Level 1
Level 1

‎07-21-2004 06:01 AM

you can do this if your router has fastethernet and the correct IOS. you can create sub interfaces on 1721 with fastethernet that link be a trunk link. so on the switch you have three vlans connected to the router with a trubk line. from there you can do a default route to the Firewall.

HTH

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP

‎07-21-2004 06:03 AM

Hello,

the 1721 supports 802.1Q (not ISL) inter-VLAN routing, so you do not need different physical Ethernet ports, you can configure the existing port as a trunk port and use virtual interfaces.

I guess configuring the firewall as a node on one of the VLANs will work, as long as there is a default route on the router pointing to the firewall...

Regards.

GP

0 Helpful
Customers Also Viewed These Support Documents