01-14-2024 02:28 PM
hello everyone,
I am facing an issue with my college project. i have 6 pcs that they are in the same network, but 2 pcs must be excluded(no communication with the other 4) but keep their ips (network: 192.168.1.0). I used a router with default gateway 192.168.2.1, but they won't communicate with their router.
How is this problem solved?
Thank you in advance. @
01-14-2024 03:05 PM
Hello,
private Vlans would be an option (the only option I can see, to be honest)...
01-15-2024 02:30 AM - edited 01-15-2024 02:33 AM
Private vlans are probably out of scope of ccna level, more like ccnp and up.
I think simpler solution is just different vlan number for those 2 PCs then rest of 4 PCs while all PCs have and are on the same network subnet.
default gateway is used and necessary for PCs to communicate with other remote networks, subnets. If PCs don't have default gateway set up, they will only be able to reach others on the same vlan and the same subnet, network.
Regards, ML
**Please Rate All Helpful Responses **
01-15-2024 05:00 AM
01-15-2024 06:32 AM
"default gateway is used and necessary for PCs to communicate with other remote networks, subnets. If PCs don't have default gateway set up, they will only be able to reach others on the same vlan and the same subnet, network."
True if gateway router is NOT supporting proxy and, as you note, hosts are in different L2 domains.
01-15-2024 02:35 AM
The traffic between host in same subent not routing via router it direct bridge via SW.
You need to apply acl in port' this acl is called port-acl.
MHM
01-15-2024 06:29 AM
An interesting project. Possible solution(s) would depend on your equipment features.
As you've described the problem, the first issue that arises, as @MHM Cisco World has already noted, hosts on the same network intercommunicate NOT using the gateway.
Private VLANs and L2 ACLs have been mentioned, but both depend on network device features.
Two other possible approaches, that immediately come to my mind, which also require device support, would be firewall rules on the PCs blocking particular host-to-host communication or perhaps using NAT to make all the host "believe" they are in the same network, but they are not.
Hopefully, someone will suggest an easy way to solve this issue, but in any case, would like to hear what the "approve" solution(s) by whoever assigned this project.
01-15-2024 08:57 AM
here's the topology. All the pcs are on the same network. 2 of them will not communicate with the others but, they get to keep their ip addresses. i've installed a router there so it can transfer the packs. i've created 2 VLANS (management and upper management). I've created the router's sub interfaces. created a default gateway(192.168.2.1) for the 2 pcs but im facing the issue of no communication for the 2 pc's and router.
01-15-2024 09:00 AM
this task need EVE-NG or GNS3 VM
it can not be done in Packet tracer
MHM
01-15-2024 09:05 AM
so the solution is to change their IPs? Im asking that, because i tried it and it is the only vialble solution...
01-17-2024 06:12 AM
it one of solution
either
config private VLAN <<- if you have one VLAN
or
change the IP <<- if you have more than one VLAN
MHM
01-17-2024 04:54 AM
Zip your PT lab file and attach here. We will check it out
Regards, ML
**Please Rate All Helpful Responses **
01-17-2024 08:59 AM
"I've created the router's sub interfaces. created a default gateway(192.168.2.1) for the 2 pcs but im facing the issue of no communication for the 2 pc's and router."
That's to be expected if you don't assign those hosts IPs in the new network.
01-17-2024 09:02 AM
With your posted topology, the NAT approach I mentioned earlier should work.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide