implementing L-3 switch in lan

blue4cisco · ‎05-23-2006

I have to design LAN as below:-

Three networks comming into local lan & requirement is that all usersof LAN will get limited access on all three network as needed.

1.192.168.10.0(private network lease line)

2.192.168.100.0(private network lease line)

3.2 mbps internet line.

4.192.168.1.0(Local area network.)

how i design the solution so that all LAN user can access all network with limited access restriction.

what type of devices i need like L-3 switch & firewall for internet.

I do not want use any router but L-3 switch would be ok with VLAN implementation. Please Guide me

gpulos · ‎05-24-2006

it sounds like you have those 3 subnets, 192.168.1.0; 19.168.10.0 & 192.168.100.0 as well as an internet connection of 2mbps.

to allow the 3 subnets to talk, you can use a L3 switch. a 3550 or 3560 with EMI software will suffice for upto ports/connections.

you will need to configure the VLANs on the switch as well as the routing interfaces. how do to this is at the link below:

http://www.cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_book09186a00801f0a3a.html -12.1(8)EA1 version

the internet connection (dsl router, etc) will also be connected to the 3550. you will need a default-route for the 3550 router to forward to the internet connection. (you could also use a separate VLAN just for the internet connection)

as far as restricted access between the subnets, that is done through ACLs/VACLs on the router/switch. for the internet connection, a best practice would be to use a firewall to set restrictions into and out of your network. the firewall INSIDE will plug into the 3550 switch (internetVLAN) and the firewall OUTSIDE will plug into your dsl router or whatever you have.