2960 and Vlan ports

ciscoblowsforever · ‎02-26-2013

New to Cisco and want to know if I can segment a port. I have two vlans. I have one internet connection at the opposite end of the building. Can the port the internet is connected to serve both Vlans? How is this setup?

Sebastian Helmer · ‎02-26-2013

I'm sorry but I don't really understand your question. maybe a trunk port would help with a native VLAN not vlan tag and a tagged vlan for other traffic. But better would be to make your question more clear for me..

jawad-mukhtar · ‎02-26-2013

2960

Two Vlan You Created

E.g

VLAN 10

192.168.10.5/24

Vlan 20

192.168.20.5/24

Now you will not able to ping 20.x ip form 10.x and 10.x ip form 20.x. For This you will ne L3 Device.

NOw in that case u have Router 2811.

One of the Interface of your Switch fe 0/24 (Trunk Allowed All vlan) will be connected to Router Gig 0/1 Interface.

On Router

Your will Crate Sub Interface

Int Gig 0/1.10

encapsulation dot1q 10

ip address 192.168.10.1/24

Ip nat inside

Int Gig 0/1.20

encapsulation dot1q 20

ip address 192.168.20.1/24

ip nat inside

After This u will be abe to ping 20.x ips form 10.x and 10.x ips form 20.x. Simply Intervlan Router will be Done.

Now For Internet

Your will Create Access-list on Router

ip access-list extended NAT

permit ip 192.168.10.0 0.0.0.255 any

permit ip 192.168.20.0 0.0.0.255 any

Interface Gig 0/0

(Will Be connected To ISP For Internet)

IP address (public IP) x.x.x.x

ip nat ouside

Now u will configure Nat to use Internet.

ip nat inside source list NAT interface gig 0/0 overload.

Remeber (Host with 10x ip should be given gw 10.1 and host with 20.x ips should be given 20.1 gateway).

Hope So u understand it well.

Thanks

** Do Rate Helpful Posts**

Jawad

ciscoblowsforever · ‎02-27-2013

To clarify.....Can I service 2 vlans with a single internet connection on a single port?

Richard Burts · ‎02-27-2013

I believe that part of what Jawad was trying to explain is that the 2960 is a layer 2 switch and as such it can not provide connectivity between vlans. To provide connectivity between vlans you would need some layer 3 device to provide routing functionality.

The original post mentions only 2960 switch. If that is the only networking device then the answer is no you can not use the Internet connection in one port to work with two different vlans.

HTH

Rick

HTH

Rick

Wilson Bonilla · ‎02-27-2013

Hi.

You can serve two as many vlans as you want as long as the users of those vlans have its default gateway pointing to a router. also be aware that you will need a trunked interface between the 2960 and the router. for example:

THIS IS INTERNET

+------------+

| |

|------------|

| |

+-----^------+

|

+----+-----+

| ROUTER |

|----------|

| |

+----+-----+

|

|TRUNK INTERFACE

|

+----v-------+

| 2960 |

| |

+--++------+-----+-------+

| | |

+----+--+ +--+--+ +-----++

|VLAN10 | |VLAN20 |VLAN 30

+-------+ +-----+ +------+

Regards.

Wilson

Sebastian Helmer · ‎02-27-2013

Maybe privat vlan is also an option for you:
Details can be found here:

http://www.cisco.com/en/US/tech/tk389/tk814/tk840/tsd_technology_support_sub-protocol_home.html