Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
288
Views
10
Helpful
3
Replies

subnets connection to server and to the internet.

luisdeanda12
Level 1
Level 1

‎01-05-2023 11:14 AM

luisdeanda12_0-1672945673565.png

Hello, I'm trying to divine my network but I'm having a hard time understanding how to do this. I want to separate departments on a class c network. All the computers need to talk back to the server and they also need to have an internet connection how can I accomplish this? I know that subnetting is a way to have better security in this is why I want to do it. 

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎01-05-2023 11:52 AM

below high-level config that should work for you :

Router :
====================================
Config t
!
ip routing
!
interface Ethernet0/0
ip address x.x.x.x 255.255.255.X ( change this if this is DHCP)
ip nat outside
ip virtual-reassembly in
duplex auto
no shut
!
interface Ethernet0/1
no ip address
no shutdown
!
int fa0/1.1
description PC0 VLAN
encapsulation dot1q 10
ip address 192.168.1.1 255.255.255.224
ip nat inside
no shut
int fa0/1.2
encapsulation dot1q 20
description PC1 VLAN
ip address 192.168.1.33 255.255.255.224
ip nat inside
no shut
int fa0/1.3
description PC2 VLAN
encapsulation dot1q 30
ip address 192.168.1.65 255.255.255.224
ip nat inside
no shut
int fa0/1.4
description Server VLAN
encapsulation dot1q 40
ip address 192.168.1.225 255.255.255.224
ip nat inside
no shut
!
!
ip nat inside source list 100 interface Ethernet0/0 overload
ip route 0.0.0.0 0.0.0.0 x.x.x.x ( ISP IP)
!
!
!
access-list 100 permit 192.168.1.0 0.0.0.31 any
access-list 100 permit 192.168.1.32 0.0.0.31 any
access-list 100 permit 192.168.1.64 0.0.0.31 any
access-list 100 permit 192.168.1.224 0.0.0.31 any

SWITCH :
=======================
config t

vlan 10
name PC0
vlan 20
name PC1
vlan 30
name PC2
vlan 40
name Server
!
interface fa0/1 (this is the port connecting to Router)
switchport mode trunk
no shut
!
interface fa0/1 (this where PC0 connected)
switchport mode access
switchport access vlan 10
!
interface fa0/1 ( PC1 connected)
switchport mode access
switchport access vlan 20
!
interface fa0/3 ( PC 2 connected)
switchport mode access
switchport access vlan 30
!
interface fa0/4 ( Server connected)
switchport mode access
switchport access vlan 40
!
interface vlan 10
ip address 192.168.1.2 255.255.255.224
no shutdown
!
ip default-gateway 192.168.1.1

End device config
====================
PC0 config with gateway 192.168.1.1
PC1 config with gateway 192.168.1.33
PC2 config with gateway 192.168.1.64
Server config with gateway 192.168.1.224

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

luisdeanda12
Level 1
Level 1
In response to balaji.bandi

‎01-05-2023 12:21 PM

Thanks so much can you tell me the reason why they have a different gateway? is not possible to just use the same gateway for all? 

0 Helpful

balaji.bandi
Hall of Fame
Hall of Fame
In response to luisdeanda12

‎01-05-2023 01:14 PM

as per your post " want to separate departments on a class c network."you would like to use /27 for each segment, so that example.

if you like to have /24 network all in one VLAN.

below config should work :

Router :
====================================
Config t
!
ip routing
!
interface Ethernet0/0
ip address x.x.x.x 255.255.255.X ( change this if this is DHCP)
ip nat outside
ip virtual-reassembly in
duplex auto
no shut
!
interface Ethernet0/1
ip address 192.168.1.1 255.255.255.0
ip nat inside
no shutdown
!
!
ip nat inside source list 100 interface Ethernet0/0 overload
ip route 0.0.0.0 0.0.0.0 x.x.x.x ( ISP IP)
!
!
!
access-list 100 permit 192.168.1.0 0.0.0.255 any

SWITCH :
=======================
config t

vlan 10
name PC0
!
interface fa0/1 (this is the port connecting to Router - this can also be trunk if you looking expand later more vlan)
switchport mode access
switchport access vlan 10
no shut
!
interface fa0/1
switchport mode access
switchport access vlan 10
!
interface fa0/2
switchport mode access
switchport access vlan 10
!
interface fa0/3
switchport mode access
switchport access vlan 10
!
interface fa0/4
switchport mode access
switchport access vlan 10
!
interface vlan 10
ip address 192.168.1.2 255.255.255.0
no shutdown
!
ip default-gateway 192.168.1.1

End device config ( make sure you configure subnet mask /24 instead of /27 - that is 255.255.255.0)
====================
PC0 config with gateway 192.168.1.1
PC1 config with gateway 192.168.1.1
PC2 config with gateway 192.168.1.1
Server config with gateway 192.168.1.1

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card