12-07-2010 02:43 AM - edited 03-06-2019 02:23 PM
Our network scenerio is this:
- 2 cat 2950 switches (SWa and SWb)
- 1 cisco 2600 router
- 35 users/machines
What we want to configure (OBJECTIVE):
- 2 vlans on SWa switch (abc_vlan1 + the default vlan1)
- 4 vlans on SWb switch (abc_vlan1, abc_vlan2, abc_vlan3, + the default vlan1)
- the abc_vlan1, and the defualt vlan1 will span between the two switches, while the abc_vlan2, and abc_vlan3 will exist just in SWb
- machines in abc_vlan1, abc_vlan2, and the default vlan1 should be able to interconnect (via trunking/multiport......??, not sure exactly)
- VTP mode/domain to exist in the two switches
I've seen in some Cisco docs online specifying that a VTP mode switch cannot have multi vlan configured in it (but should be on Transparent mode, which not an option to us as we intend expand in near future!). And also that a trunk connection cannot be established on any switch with multiple vlans.
The question is, how do we attain the objective?
Please I will appreciate a simple and clear answer, as I'm new to this field.
01-04-2011 01:20 AM
hi,
so essentially what you mean is that:
the two ethernet on the router (int f0/0 and int f0/1) must have be configured on two seperate subnets.
and also....
in configuring the 4 vlans trunking in the router, i must assign these 4 vlans each on different subnet mask? (which is not in line with what jon.marshall showed above)
...sorry on my kind of questions, i'm just new to this.
01-10-2011 02:39 AM
Hi,
I've been able to set up the vlans, and also able to set up the trunk link with the router. all the subnets are now routing appropriately.
Now the next thing I want to accomplish with access list is this:
1, To isolate the vlan 12 (192.168.8.0) and prevent any access from it to the native vlan 1 (192.168.5.0) and vlan 11 (192.168.7.0)
2, But allow access from the isolated vlan 12 to just a proxy server - 192.168.6.2 (MS TMG server),which is in vlan 10 (192.168.6.0) and should be HTTP (Proxy service) access only. Then access to all other hosts on vlan 10 should be blocked
How do I get this accomplished?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide