
Passing a Single IP Through a Switch

JoshWendland
Level 1

I am currently attempting to use a managed switch connected to an unmanaged switch in order to eliminate some traffic on my network.  I have 6 devices connected to the unmanaged switch and only need to access one on my network, however, the devices on the switch need to be able to communicate with each other and I was hoping this was a possibility.  I have a managed switch on standby.  


balaji.bandi
Hall of Fame

Yes, this is possible. You can connect the unmanaged switch to one port of the managed switch (not 2 ports, which would make a loop).

All your devices will work as expected, but make sure you have configured the required VLAN configuration (by default they go to VLAN 1).

 

BB


Richard Burts
Hall of Fame

We do not know much about your environment and that makes it difficult to give good advice. I offer these observations and hope that they might be helpful. Am I correct in assuming that the unmanaged switch connects to an access port on the managed switch? What vlan is associated with that access port? Is it possible to have that access port in a vlan that does not have any other ports in that vlan on the managed switch (a vlan on the managed switch that is dedicated to the vlan/subnet of the unmanaged switch)?

 

How are the devices on the unmanaged switch getting their IP addresses? Is it using DHCP or using hard coded addresses? Is it possible to arrange it so that the device that you do want to communicate with your network always receives the same IP address?

 

Do the other devices on the unmanaged switch communicate only with each other or do these devices need access to outside resources?

 

If there is a dedicated vlan for the unmanaged switch and if the device you need to communicate with does always have the same IP then it should be possible to configure an access list that permits that device to communicate with your network and deny other devices in that subnet to communicate with your network.

 

HTH

 

Rick


Giuseppe Larosa
Hall of Fame

Hello Josh,

If your managed switch is an L3 switch, you can use an extended ACL applied to the SVI interface vlan to limit which device(s) can reach the outer subnets.

Example:

! IP host 192.168.10.1 = SVI vlan 10
! IP host 192.168.10.10 = to be allowed
!
int vlan 10
 ip address 192.168.10.1 255.255.255.0
 no shut

 

You configure the physical port to the unmanaged switch as an access port in VLAN 10:

 

int gi0/20
 desc to unmanaged switch
 switchport
 switchport mode access
 switchport access vlan 10
 ! you should enable spanning-tree root guard to protect STP
 spanning-tree guard root
!

 

! entries are checked top-down and the first match wins
access-list 112 permit ip host 192.168.10.10 any
access-list 112 deny ip host 192.168.10.11 any
access-list 112 deny ip host 192.168.10.12 any
access-list 112 deny ip host 192.168.10.13 any
access-list 112 deny ip host 192.168.10.14 any
access-list 112 deny ip host 192.168.10.15 any
! any other source address in 192.168.10.0/24 matches this last entry
access-list 112 permit ip 192.168.10.0 0.0.0.255 any
!
int vlan 10
 ip access-group 112 in

 

Hope to help

Giuseppe
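
The first-match behaviour of the ACL in the reply above, as an added example that is not part of the original thread: a small Python evaluator runs ACL 112 as posted and a constructed two-line variant (ACL 113, a hypothetical number) against constructed sample source addresses. It models only the `access-list N action ip <source> any` form used on this page.

```python
import ipaddress

# ACL 112 exactly as posted in the reply above.
ACL_112 = """\
access-list 112 permit ip host 192.168.10.10 any
access-list 112 deny ip host 192.168.10.11 any
access-list 112 deny ip host 192.168.10.12 any
access-list 112 deny ip host 192.168.10.13 any
access-list 112 deny ip host 192.168.10.14 any
access-list 112 deny ip host 192.168.10.15 any
access-list 112 permit ip 192.168.10.0 0.0.0.255 any
"""
# Constructed variant (113 is a hypothetical number): one host permitted, rest of subnet denied.
ACL_113 = """\
access-list 113 permit ip host 192.168.10.10 any
access-list 113 deny ip 192.168.10.0 0.0.0.255 any
"""

def parse(text):
    """Parse 'access-list N action ip <src> any' lines into (action, addr, wildcard)."""
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if len(tok) < 7 or tok[0] != "access-list" or tok[3] != "ip":
            continue  # not an entry of the form this example models
        src, wild = (tok[5], "0.0.0.0") if tok[4] == "host" else (tok[4], tok[5])
        rules.append((tok[2], int(ipaddress.IPv4Address(src)), int(ipaddress.IPv4Address(wild))))
    return rules

def evaluate(rules, src):
    """First match wins; wildcard bits set to 1 are ignored; no match is an implicit deny."""
    s = int(ipaddress.IPv4Address(src))
    for action, addr, wild in rules:
        if (s ^ addr) & ~wild & 0xFFFFFFFF == 0:
            return action
    return "deny"

def report(text, sources):
    """Map each source address to the action the ACL text would take on it."""
    rules = parse(text)
    return {src: evaluate(rules, src) for src in sources}

# Constructed samples: allowed device, listed device, unlisted subnet address, outside address.
SAMPLES = ["192.168.10.10", "192.168.10.13", "192.168.10.16", "10.0.0.5"]

if __name__ == "__main__":
    for name, acl in (("112", ACL_112), ("113", ACL_113)):
        print(name, report(acl, SAMPLES))
```

Traffic between devices on the unmanaged switch stays at layer 2 inside VLAN 10 and is not routed through the SVI, so neither list affects it.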