Re: Multiple subnets routing

Asfandyar70754 · ‎10-27-2020

Hello everyone

I want to use separate vlans for departments in my office.

So for example,

I have 2 vlan 36,37 of subnets 192.168.36.0 and 192.168.37.0, I have made 2 dhcp pools for vlans/subnets.

Users are getting IP of their respective vlans but they are not able to access internet. I think I am stuck in some routing.

So if someone can they me how should I route these 2 subnets to my gateway.

Georg Pauwen · ‎10-27-2020

Hello,

what does the rest of the topology look like ? How did you configure the inter-Vlan routing ? Typically, a layer 3 device is doing the routing (towards the Internet) and the network address translation.

In short, we need to know what devices you have deployed. Post either a brief schematic drawing, or indicate how the devices are connected, e.g.:

ISP Modem --> Router --> Switch

Asfandyar70754 · ‎10-27-2020

Hi Paul and Georg

This is how my topology looks like right now.

ISP -> L3 Switch -> 2 L2 Switches

I have Vlans on my L3 switch.

I don't want two vlans to communicate

paul driver · ‎10-27-2020

Hello
What type L3 switch do you have and can you confirm if you are receiving a public or non public ip address from the isp

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Asfandyar70754 · ‎10-27-2020

Please ignore earlier design this is the one:

ISP -> TP-Link Load balancer -> L3 Switch -> 2 L2 Switches,

On L3 switch I have private IP.

Georg Pauwen · ‎10-27-2020

Hello,

the first issue will be to get the new Vlan subnets NATted on the TP Link router. You need to add these networks to the networks that are to be translated. As for the L3 and L2 switch configuration, the setup would look like below:

L3 Switch

interface Vlan 10

ip address 192.168.10.1 255.255.255.0

!

interface Vlan 20

ip address 192.168.20.1 255.255.255.0

!

interface GigabitEthernet0/1

description Link to L2 Switch 1

switchport mode trunk

!

interface GigabitEthernet0/2

description Link to L2 Switch 2

switchport mode trunk

L2 Switch 1

interface GigabitEthernet0/1

description Uplink to L3 Switch

switchport mode trunk

!

interface FastEthernet0/1

switchport mode access

switchport access vlan 10

spanning-tree portfast

!

interface FastEthernet0/2

switchport mode access

switchport access vlan 20

spanning-tree portfast

L2 Switch 2

interface GigabitEthernet0/2

description Uplink to L3 Switch

switchport mode trunk

!

interface FastEthernet0/1

switchport mode access

switchport access vlan 10

spanning-tree portfast

!

interface FastEthernet0/2

switchport mode access

switchport access vlan 20

spanning-tree portfast

paul driver · ‎10-27-2020

Hello

so the TP link router is receiving a private ip address from the ISP which means the isp is performing nat

do you havr admin access to your TP router to add static routes and apply NAT - if yes then you are in a good position to provide internet access for your user vlans - please confirm ?

After this the next step will be to decide how to wish to separate the vlan communication for that you have a couple of way to do this

1-routed acls on the L3 subnets

2 separate vrfs for each vlan

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

paul driver · ‎10-27-2020

Hello

In addition to what @Georg Pauwen has asked, when you mention separate do you wish for those two vlans to be unable to communicate with each other?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul