Solved: Cisco Router & Cisco Switch

IamSamSaul · ‎12-08-2022

Hi there,

I got a Cisco router on which the ISP line is terminated. I have connected Cisco switch to the router. At this moment I got one VLAN on the switch and DHCP is being done from the router.

I would like to create two extra Vlans on the switch. I thought to achieve this through Router on Stick, but I would like to know if there are other ways to achieve this. Users from all three Vlans should have access to internet through the router.

Any suggestion will be highly appreciated.

Regards & Thanks,

Sam

balaji.bandi · ‎12-08-2022

here is high level config :

ROUTER - basic config :
========================

ip dhcp excluded-address 192.168.10.240 192.168.10.253
ip dhcp excluded-address 192.168.20.240 192.168.20.253
ip dhcp excluded-address 192.168.30.240 192.168.30.253

!
ip dhcp pool LAN1-DHCP
import all
network 192.168.10.0 255.255.255.0
default-router 192.168.10.254
dns-server 8.8.8.8 8.8.4.4
lease 7
!
ip dhcp pool LAN2-DHCP
import all
network 192.168.20.0 255.255.255.0
default-router 192.168.20.254
dns-server 8.8.8.8 8.8.4.4
lease 7
!
ip dhcp pool LAN3-DHCP
import all
network 192.168.30.0 255.255.255.0
default-router 192.168.30.254
dns-server 8.8.8.8 8.8.4.4
lease 7
!
!
interface GigabitEthernet0
no ip address
no shutdown
!
interface GigabitEthernet0.10
encapsulation dot1Q 10
ip address 192.168.10.254 255.255.255.0
ip nat inside
no shutdown
!
interface GigabitEthernet0.20
encapsulation dot1Q 20
ip address 192.168.20.254 255.255.255.0
ip nat inside
no shutdown
!
interface GigabitEthernet0.30
encapsulation dot1Q 30
ip address 192.168.30.254 255.255.255.0
ip nat inside
no shut
!
interface Dialer0
ip nat outside
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
access-list 100 permit ip 192.168.10.0 0.0.0.255 any
access-list 100 permit ip 192.168.20.0 0.0.0.255 any
access-list 100 permit ip 192.168.30.0 0.0.0.255 any
!
ip nat inside source list 100 interface dialer0 overload

SWITCH - basic config

config t
!
vlan 10,20,30
!
interface gig1/0/1
Description connecting to Router Gig0
switchport trunk encapsulation dot1q
switchport mode trunk
no shutdown
!
interface gig1/0/2
switchport mode access
switchport access vlan 10
!
interface gig1/0/3
switchport mode access
switchport access vlan 20
!
interface gig1/0/4
switchport mode access
switchport access vlan 30

If you like switch management using vlan 10

interface vlan 10
ip address 192.168.10.253 255.255.255.0
no shutdown
!
ip default-gateway 192.168.10.254

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

balaji.bandi · ‎12-08-2022

yes Router on stick is the best way to do, switch act as layer 2 only

So Router can provide DHCP Service, Layer 3, and Routing and NAT

make sure you add ACL to all the VLANs IP addresses to be added to NAT to get internet

Hope you know how to configure the above, if not please feel free to ask example config (by posting your show run from your router and switch)

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

IamSamSaul · ‎12-08-2022

Hi BB,

Thanks for your prompt reply.

The switch is also a L3 device but I know you can't do NAT on a switch.

Do you have an example of what you mentioned?

"make sure you add ACL to all the VLANs IP addresses to be added to NAT to get internet"

Thanks.

balaji.bandi · ‎12-08-2022

here is high level config :

ROUTER - basic config :
========================

ip dhcp excluded-address 192.168.10.240 192.168.10.253
ip dhcp excluded-address 192.168.20.240 192.168.20.253
ip dhcp excluded-address 192.168.30.240 192.168.30.253

!
ip dhcp pool LAN1-DHCP
import all
network 192.168.10.0 255.255.255.0
default-router 192.168.10.254
dns-server 8.8.8.8 8.8.4.4
lease 7
!
ip dhcp pool LAN2-DHCP
import all
network 192.168.20.0 255.255.255.0
default-router 192.168.20.254
dns-server 8.8.8.8 8.8.4.4
lease 7
!
ip dhcp pool LAN3-DHCP
import all
network 192.168.30.0 255.255.255.0
default-router 192.168.30.254
dns-server 8.8.8.8 8.8.4.4
lease 7
!
!
interface GigabitEthernet0
no ip address
no shutdown
!
interface GigabitEthernet0.10
encapsulation dot1Q 10
ip address 192.168.10.254 255.255.255.0
ip nat inside
no shutdown
!
interface GigabitEthernet0.20
encapsulation dot1Q 20
ip address 192.168.20.254 255.255.255.0
ip nat inside
no shutdown
!
interface GigabitEthernet0.30
encapsulation dot1Q 30
ip address 192.168.30.254 255.255.255.0
ip nat inside
no shut
!
interface Dialer0
ip nat outside
!
ip route 0.0.0.0 0.0.0.0 Dialer0
!
!
access-list 100 permit ip 192.168.10.0 0.0.0.255 any
access-list 100 permit ip 192.168.20.0 0.0.0.255 any
access-list 100 permit ip 192.168.30.0 0.0.0.255 any
!
ip nat inside source list 100 interface dialer0 overload

SWITCH - basic config

config t
!
vlan 10,20,30
!
interface gig1/0/1
Description connecting to Router Gig0
switchport trunk encapsulation dot1q
switchport mode trunk
no shutdown
!
interface gig1/0/2
switchport mode access
switchport access vlan 10
!
interface gig1/0/3
switchport mode access
switchport access vlan 20
!
interface gig1/0/4
switchport mode access
switchport access vlan 30

If you like switch management using vlan 10

interface vlan 10
ip address 192.168.10.253 255.255.255.0
no shutdown
!
ip default-gateway 192.168.10.254

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

MHM Cisco World · ‎12-08-2022

under sub-interface
config ip nat inside

also for ip nat inside source list X interface Y overload

ip access-list standard X
permit VLAN1
permit VLAN2
permit VLAN3

MHM Cisco World · ‎12-08-2022

small lab help you in config