Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
903
Views
0
Helpful
3
Replies

Configuring Vlans

Go to solution
manoremaint
Level 1
Level 1

‎08-14-2012 02:29 PM - edited ‎03-07-2019 08:20 AM

Hello

I am currently working on our local network. I would like to add vlans to the network; but before executing the project I have a few questions that I am trying to figure out.

We have a cisco 1811W that works as a DHCP server for the network. And a catalyst 2960-S PoE+ . We use voip phones; while most of the computers are connected to the network through the phone (Phone to the wall, computer to the LAN port on the phone).

We have 5 departments and about 70 devices; so I would like to have 7 different vlans. So, for my questions:

1 – Can I have a Vlan that delivers both VOIP and data while its being a Vlan specific for different departments?

2 – How would the router know which address to assign? Will I have to manually set a static IP’s on my devices now?

3 – Should I create the vlans on the router first and then apply them to the switch and individual ports?

4 – What should be the vlans for the servers if I want different people from different departments to have access? Can I set something like an “open Vlan” for a full access? 6 – what about a shared printer?

7 – If I have two employees that work remotely and currently have access to the servers through windows VPN, how can I keep giving access to their computers regardless of the vlans?

8 – Should I create a vlan that is dedicated for trunking or the trunk can work on a default vlan?

Any help would be highly appreciated;

Thank you!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
kamran_Roostaee
Level 1
Level 1

‎08-14-2012 11:26 PM

1 – Can I have a Vlan that delivers both VOIP and data while its being a Vlan specific for different departments?

you can have a VLAN  for both VOIP and data, if you dont want to implement QOS. in this methos ports whitch connect to VOIP phone shoulbe be access port not trunk

2- your router is DHCP server, you can define a dhcp pool for each vlan with "ip dhcp pool [vlan number]". router will assign IPs base on VLAN for example:

ip dhcp pool vlan1


network 192.168.1.0 255.255.255.0

default-router 192.168.1.1 
 

ip dhcp pool vlan2


network 192.168.2.0 255.255.255.0 
default-router 192.168.2.1 

ip dhcp excluded-address 192.168.1.1 192.168.1.2

ip dhcp excluded-address 192.168.2.1 192.168.2.2

3 – Should I create the vlans on the router first and then apply them to the switch and individual ports?

you can define VLANs on router or switch and advertise them through vtp or define on both of them without vtp. if you want to use vtp, switch<-> router link should be trunk and you should configure trunking encapsulation

4 – What should be the vlans for the servers if I want different people from different departments to have access? Can I set something like an “open Vlan” for a full access? 6 – what about a shared printer?

1811w can support inter vlan routing and people in other vlans can connect to other vlans or printers in other vlans. you can enable it with "ip routing". you can use router on stick methos too (if you have just one link between switch and router)

7 – If I have two employees that work remotely and currently have access to the servers through windows VPN, how can I keep giving access to their computers regardless of the vlans?

you can assign a vlan to vpn connection and define access list, inter vlan routing let them to connects to other vlans

8 – Should I create a vlan that is dedicated for trunking or the trunk can work on a default vlan?

there is no need to define vlan for trunking,  trunk link  should be configured on switch<-> router link that its native vlan is vlan 1 by default. if you have more than one link between switch and router (you use switch ports on router) you can define those links as trunk for transfering more that one vlan or access for transfering just one vlan

View solution in original post

0 Helpful
3 Replies 3

Go to solution
kamran_Roostaee
Level 1
Level 1

‎08-14-2012 11:26 PM

1 – Can I have a Vlan that delivers both VOIP and data while its being a Vlan specific for different departments?

you can have a VLAN  for both VOIP and data, if you dont want to implement QOS. in this methos ports whitch connect to VOIP phone shoulbe be access port not trunk

2- your router is DHCP server, you can define a dhcp pool for each vlan with "ip dhcp pool [vlan number]". router will assign IPs base on VLAN for example:

ip dhcp pool vlan1


network 192.168.1.0 255.255.255.0

default-router 192.168.1.1 
 

ip dhcp pool vlan2


network 192.168.2.0 255.255.255.0 
default-router 192.168.2.1 

ip dhcp excluded-address 192.168.1.1 192.168.1.2

ip dhcp excluded-address 192.168.2.1 192.168.2.2

3 – Should I create the vlans on the router first and then apply them to the switch and individual ports?

you can define VLANs on router or switch and advertise them through vtp or define on both of them without vtp. if you want to use vtp, switch<-> router link should be trunk and you should configure trunking encapsulation

4 – What should be the vlans for the servers if I want different people from different departments to have access? Can I set something like an “open Vlan” for a full access? 6 – what about a shared printer?

1811w can support inter vlan routing and people in other vlans can connect to other vlans or printers in other vlans. you can enable it with "ip routing". you can use router on stick methos too (if you have just one link between switch and router)

7 – If I have two employees that work remotely and currently have access to the servers through windows VPN, how can I keep giving access to their computers regardless of the vlans?

you can assign a vlan to vpn connection and define access list, inter vlan routing let them to connects to other vlans

8 – Should I create a vlan that is dedicated for trunking or the trunk can work on a default vlan?

there is no need to define vlan for trunking,  trunk link  should be configured on switch<-> router link that its native vlan is vlan 1 by default. if you have more than one link between switch and router (you use switch ports on router) you can define those links as trunk for transfering more that one vlan or access for transfering just one vlan

0 Helpful

Go to solution
manoremaint
Level 1
Level 1
In response to kamran_Roostaee

‎08-15-2012 11:31 AM

Thanks a lot Kamran!

One more question about #2 -

If my network is 10.1.10.0/24

How should I set the router to recognize the different vlans? (10.1.2.0 ; 10.1.3.0....)

Or would the VTP connection should solve it.

Thanks again,

Mor.

0 Helpful

Go to solution
kamran_Roostaee
Level 1
Level 1
In response to manoremaint

‎08-24-2012 09:59 PM

Router will assign IP for each VLAN based on interface or SVI IP address. for examle if we have vlan1 with IP range 192.168.1.0/24 and vlan 2 with IP range 192.168.2.0/24, and you assign a IP from 192.168.1.0/24 to an interface or assign this IP to SVI, then any dhcp request that come from vlan1 or from interface, will use DHCP Pool1. and any request from vlan2 will use pool2. I means that router will recognize pool based on ip interface or svi ip range.

VTP is a protocol for transfering vlans information and its not related to DHCP

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card