
Making 2 VLANs talk to 1 server

I have two VLANs each with a different subnet.

We'll call them VLAN A on 192.198.0.1 and VLAN B on 192.168.16.1.

We have to maintain the network isolation for PCI (Credit Card compliance), but I have a server on VLAN A, 192.168.0.45 that computers on both VLANs need to access.

My infrastructure is three switches in series with trunking ports configured. There is a gateway for VLAN A and a separate gateway for VLAN B each to a separate router and T1 connection.

The switches are managed switches and IP routing is enabled. 

Is there a way to make both VLANs communicate with 192.168.0.45?

Do I have to put both VLANs on the 192.168.0.1 subnet and just isolate by VLAN?

Is there a way to make the two VLANs communicate?

Do I need to add a static route on the switches to 192.168.0.45 or set the switch port that 192.168.0.45 is on as a trunk port?

This isn't my area of expertise, small business I wear a lot of hats, so any help is greatly appreciated.

20 REPLIES

Thanks for the suggestions.

I was away last week on an emergency.

I tried your suggestion today. I put the server on its own VLAN and its own subnet, but I can't ping it.

I think there is a problem with the route table.

VLAN configuration on Switch 1:

Switch 1 connects to Switch 2, which connects to Switch 3.

VLAN Configuration on Switch3:

The ACD server which both subnets talk to I set to IP: 192.168.32.7     Gateway: 192.168.32.253

IP Routing is enabled, trunking ports are set, but I can't ping 192.168.32.7 from 192.168.0.51

Route table is the same on switches 1 and 3

But switch 2 doesn't have those directly connected routes:

Do I have to put the gateway address as the default (0.0.0.0), the trunk port somehow, or the VLAN interface (192.168.32.253)?

Nothing seems to work.

Any advice?

Greatly appreciated guys.


What is the default gateway for vlan1?

If it is the router then you need a route back to the switch doing the routing for the new vlan. Can you ping server from other vlan .16?

Sent from Cisco Technical Support iPhone App
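
The missing-route situation raised in the reply above, modelled as an added example (not code from the thread or from any poster). It uses the addresses posted in the thread; the /24 masks, the switch interface addresses 192.168.0.253 and 192.168.16.253, the switch default route, the host 192.168.16.20 and the `wan` label are assumptions.

```python
import ipaddress

def next_hop(routes, dst):
    """Longest-prefix match over {prefix: next_hop}; None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in routes.items()
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1] if matches else None

def trace(devices, gateway, dst, max_hops=8):
    """Follow next hops from a host's default gateway; return (path, delivered)."""
    path, hop = [], gateway
    for _ in range(max_hops):
        if hop not in devices:          # next hop lies outside the modelled LAN
            return path + [hop], False
        name, routes = devices[hop]
        path.append(name)
        hop = next_hop(routes, dst)
        if hop == "connected":          # destination subnet is directly attached
            return path, True
        if hop is None:
            return path, False
    return path, False                  # hop limit reached (routing loop)

def build(router_routes):
    # Layer 3 switch with an interface in each VLAN (addresses partly assumed).
    switch = ("switch", {"192.168.0.0/24": "connected",
                         "192.168.16.0/24": "connected",
                         "192.168.32.0/24": "connected",
                         "0.0.0.0/0": "192.168.0.1"})
    router = ("router", router_routes)
    return {"192.168.0.253": switch, "192.168.16.253": switch,
            "192.168.32.253": switch, "192.168.0.1": router}

BEFORE = {"192.168.0.0/24": "connected", "0.0.0.0/0": "wan"}
AFTER = dict(BEFORE, **{"192.168.32.0/24": "192.168.0.253"})  # static route added

def report(router_routes):
    d = build(router_routes)
    return {
        # Client 192.168.0.51 uses the router (192.168.0.1) as its gateway.
        "client_to_server": trace(d, "192.168.0.1", "192.168.32.7"),
        # Server 192.168.32.7 uses the switch (192.168.32.253) as its gateway.
        "server_to_client": trace(d, "192.168.32.253", "192.168.0.51"),
        # No ACL is modelled: the switch routes between VLANs for any host
        # that uses it as gateway, so isolation has to come from ACLs.
        "vlan1_to_vlan2_via_switch": trace(d, "192.168.0.253", "192.168.16.20"),
    }

if __name__ == "__main__":
    for label, routes in (("before", BEFORE), ("after", AFTER)):
        print(label, report(routes))
```
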


Dan

From what you have posted it looks to me as if the new vlan does not exist on switch 2. Can you either configure that vlan and its connectivity to both other switches or post the output that shows that it does already exist on the switch?

HTH

Rick


All 3 VLANs exist on all three routers.

Here is switch 2:

If you look at the above topological map view way up above, there are two exit paths for the network.

VLAN 1 Default goes out the Total Access Adtran router. Its interface gateway is 192.168.0.1.

VLAN 2 customerservice goes out to a firewall box running Untangle OS to do packet filtering. Its interface gateway is configured to 192.168.16.1.

This firewall has two NICs, the second going to the Adtran NetVanta 3200 router for isolation.

I pointed the shared server that resides on VLAN 3 at the IP address for Switch 3, the switch to which it is connected. I set its gateway to 192.168.32.253.

I have not configured any ACLs yet nor created any static routes on either router.


Here is the full quasi-confusing topological network map with some info removed for Internet anonymity.


Here is one of the routers: route table.

I would think I just need to add a route to the 192.168.32.1 subnet out the 0.0.0.0 default gateway.

But it won't let me in the web gui nor by command line.

FYI: There is no 192.168.5.0 in my network, but the int won't let me delete it.
