Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
338
Views
0
Helpful
2
Replies

vlaning 2 subnet without access together

blackmetal
Level 1
Level 1

‎12-27-2011 10:10 PM - edited ‎03-04-2019 02:45 PM

Hello,

i have 2x 27 subet ( we will call first /27 fip and call second /27 sip) we assign sip subnet to our virtual machine and we do not want assign ip from sip to our physical node and we wan assign ip from fip subnet to our physical server, because we want sip can not spoof physical server ips, so when we create vlan in our switch we set port 1 and fip and sip subnet access to this vlan in this senario can my virtual machine spoof our physical node ip ?

some one in my datacenter technical team told me we should create vlan for fip and create a seprate vlan for sip then set vlan fip and vlan sip access to switch port #1 is it right? if it is ok can some one give me the commands for this senario which create 2 spetare vlan and access them to port siwtch #1 for exaple?

we have cisco 2960 48 port ,

THnaks,

Labels:
0 Helpful
2 Replies 2

cadet alain
VIP Alumni
VIP Alumni

‎12-28-2011 12:37 AM

Hi,

Q:can some one give me the commands for this senario which create 2 spetare vlan and access them to port siwtch #1 for exaple?

Answer:

vlan 10

name fip

vlan 20

name sip

int f0/1

switchport mode trunk

switchport trunk allowed vlan 10,20

But I'm not sure it is the correct config for your problem.I've got some difficulty understanding your request, could you clarify things.

Regards.

Alain

Don't forget to rate helpful posts.
0 Helpful

blackmetal
Level 1
Level 1
In response to cadet alain

‎12-28-2011 12:45 AM

i want for example 192.168.1.0/27 and 192.168.1.32/27 access port switch #1 , in my physical server i set 192.168.1.2 and assign 192.168.1.32/27 to my virtual machine which hsoted in this physical server now there is a danger for me here and this is my vm users can set ip from 192.168.1.0/27 for their network adapter because both ip range access port switch #1 if my vm users set ip rom 192.168.1.32/27 range for their network adapter there is no problem but i do not want my vm users can set ip from 192.168.1.0/27 range to their network adapter because i will assign 192.168.1.0/27 to more than 15 physical sever and it may cause ip confilict,

now how can i solve this?

Thanks,

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card