need to keep the two networks separtate

You cannot have same ip address for same vlan on 2 different switch if you want to connect the switch together because it will give duplicate ip address error message. yes you can have same subnet assigned for same vlan on 2 different switch.

If you are planning not to connect the 2 switches together and 2 switche will be isolated then you can play with same ip address on 2 switches.

HTH

Ankur

You can keep the networks separate at layer 3 without separating the layer 2 infrastructure. If you want to keep them isolated completely, define vlan x and vlan y in both switches, and configure each port to be in one or the other:

int range fa0/1 - 12

switchport access vlan x

int range fa0/13 - 24

switchport access vlan y

Define each switch IP under int vlan x/y, depending on where you will manage it from. They can be in the same subnet, but cannot be the same IP.

OK guys thanks for the help I think I got it now will play in the morning let you know how I get on

Hi Mark,

first of all i have a question.... Why do u need ip adresses on your switch? just to manage them?

If so here is my suggestion...

u should assign 3 vlans not 2... make one of them your management vlan and assing an ip addresses from a diffent subnet than your nodes. Then configure a trunk between the two switches. Remember to make your management vlan the native vlan (switchport trunk native vlan ).

Next u assign each port to the appropriate vlan and your done.

If u manage the switches via console port, forget about ip adresses... u dont need one. just make two vlans and assign the ports (dont forget the trunk).

Regards,

Sebastian

If he wants to route between the VLANs he must get the traffic to a layer 3 interface. Since the 2950 is a layer 2 switch he can not route between the VLANs on the switch.

I am not clear what you mean when you say a full fledged router and whether you would include a layer 3 switch in that category. As long as the traffic gets to a layer 3 interface, then traffic can be routed between VLANs. It could be on a "router" or on a layer 3 switch.

HTH

Rick

I guess what I meant by full fledged router, is having a totally separate piece of hardware like say a 1700 or something to route between the two.

If he has say a 2950G with EMI could he do it then? If a switch is layer 3 capable, can you employ ACLs just like you could a normal router?

It would require a separate piece of hardware to route between VLANs. The separate hardware could be a router like a 1700 or it could be a layer 3 switch. As long as the separate device is layer 3 capable it can route between VLANs.

It would not change this question whether the 2950 had the standard image or the enhanced image. The 2950 is a layer 2 switch and can not route. With the enhanced image you get things like more security, advanced QOS, and high availability. But the enhanced image does not turn it into a layer 3 device.

HTH

Rick