cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1401
Views
0
Helpful
4
Replies

Multiple VLANs with different isp and print to 3rd vlan?

esnw33430
Level 1
Level 1

Hi All

is it possible to configure the following:

Cisco 3560 with 3 VLANS

vlan1 > users and isp1

vlan2> users and isp2

vlan3> printers

I need the users in vlans 1 and 2 to be able to print to vlan3 but not be able to pass any traffic to the users on other vlans and also be able to access the internet via the isp connected to their vlan.

I work for a "frugal" company and they are using the routers supplied by the ISP so they are not cisco, I have gotten as far as I can create the vlans and print across to vlan 3; the users cannot pass traffic to the users on the other vlan. it works fine until i connect the routers then it fails, users cannot ping to vlan3 and this is where i get lost.

each isp router is dhcp / dns for the users connected to the respective vlan, do i need to change this so the switch does dhcp or am i missing something?

Cheers

Graham

4 Replies 4

Jon Marshall
Hall of Fame
Hall of Fame

esnw33430 wrote:

Hi All

is it possible to configure the following:

Cisco 3560 with 3 VLANS

vlan1 > users and isp1

vlan2> users and isp2

vlan3> printers

I need the users in vlans 1 and 2 to be able to print to vlan3 but not be able to pass any traffic to the users on other vlans and also be able to access the internet via the isp connected to their vlan.

I work for a "frugal" company and they are using the routers supplied by the ISP so they are not cisco, I have gotten as far as I can create the vlans and print across to vlan 3; the users cannot pass traffic to the users on the other vlan. it works fine until i connect the routers then it fails, users cannot ping to vlan3 and this is where i get lost.

each isp router is dhcp / dns for the users connected to the respective vlan, do i need to change this so the switch does dhcp or am i missing something?

Cheers

Graham

Graham

You can use PBR (Policy Based Routing) and control access between the 3 vlans with access-lists all on the 3560. However your problem is whether or not the 3560 switch is running the right feature set for PBR. If it isn't you would need to upgrade the feature set and that would cost so it probably int a solution for you.

Can you post the output of "sh version" from your switch ?

Jon

Hi Jon

thanks for your reply, the output for sh ver is below:

Cisco IOS Software, C3560 Software (C3560-IPBASE-M), Version 12.2(35)SE5, RELEAS
E SOFTWARE (fc1)
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Thu 19-Jul-07 18:15 by nachen
Image text-base: 0x00003000, data-base: 0x01100000

ROM: Bootstrap program is C3560 boot loader
BOOTLDR: C3560 Boot Loader (C3560-HBOOT-M) Version 12.2(25r)SEC, RELEASE SOFTWAR
E (fc4)

test uptime is 1 minute
System returned to ROM by power-on
System image file is "flash:c3560-ipbase-mz.122-35.SE5/c3560-ipbase-mz.122-35.SE
5.bin"

cisco WS-C3560-24TS (PowerPC405) processor (revision H0) with 122880K/8184K byte
s of memory.
Processor board ID FDO1403X2X4
Last reset from power-on
3 Virtual Ethernet interfaces
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

512K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : EC:44:76:88:DD:00
Motherboard assembly number     : 73-9897-10
Power supply part number        : 341-0097-02
Motherboard serial number       : FDO1404082F
Power supply serial number      : DCA1350825Q
Model revision number           : H0
Motherboard revision number     : A0
Model number                    : WS-C3560-24TS-S
System serial number            : FDO1403X2X4
Top Assembly Part Number        : 800-26160-05
Top Assembly Revision Number    : A0
Version ID                      : V05
CLEI Code Number                : COMFG00BRA
Hardware Board Revision Number  : 0x01


Switch   Ports  Model              SW Version              SW Image
------   -----  -----              ----------              ----------
*    1   26     WS-C3560-24TS      12.2(35)SE5             C3560-IPBASE-M

Cheers

Graham

You are running IP Base which does not support PBR. You need IP Services image unfortunately.

Jon

Hi Jon

OK we have obtained a different switch (still 3560 but with IPService IOS) with the required IOS, any pointers on the config I can read before jumping in head 1st?

Cheers

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco