Showing results for 
Search instead for 
Did you mean: 

Router on a Stick Question

Level 1
Level 1

I have setup a router on a stick config before with no issues. I am trying to setup a new one for a customer with a slightly different config. On my 0/0 interface I will have a 200.200.200.x address which is what connects to their sonicwall for WAN traffic. On the 0/1 interface we are moving to a new addressing scheme with multiple VLANs on a 172.16.x.x network. Currently they have a total flat network with everything on the 200.200.200.x network. I am trying to figure out how I can slowly migrate the 200 to the 172 on the second interface. Should the 200 be created on the 0/1 interface as another sub-interface and then route everything out the 0/0 interface or what would be the best way to do this. I am stumped right now.

Thank you in advance.

2 Replies 2

Cisco Employee
Cisco Employee


I would do it as below.

1. Configure DHCP server and create DHCP pools for 172.16.x.0 subnets (You can use cisco router or sw as DHCP server)

    Create several new vlans on SW

2. I would change IP address between Router and SonicFW to use differen subnet. Like 200.200.201.x, or any 172.16.x.0

   Then, Create sub-int F0/1.200 with ip address of current default GW address of all hosts.

   For example, if your PCs are configured with SONICFW address as Default GW, use this address as router's ip address. So, you don't have to change All PC's default gateway address.

   If your HOST are pointing

SONICFW------200.200.201.x-----F0/0 Router F0/1 -----TRUNK---SW-----HOSTS



3. If you finish step 2, all current HOSTs can go out to Internet through router then SONICFW with current IP address scheme.

4.  Create several sub-int on F0/1 for 172.16.x.0 addresses and assign proper vlan by "encap dot1q XX" (xx is vlan no)

5. Slowly migrate Hosts to new vlan by changing SW port's access vlan to new vlan XX by "sw access vlan xx.

6. On hosts, release/renew IP address and it will get new subnet IP from DHCP server's proper  dhcp pool.

Hope this helps.


So I have changed my idea on this slightly and am trying to do the following:

INET-------SonicFirewal-----200.200.x.x---------fa0/0 on router---fa0/1.10-------new switch





I can Ping between the 172 addresses on fa0/1.x and the address assigned to fa0/0 but I cannot ping the default-gateway of the 200 network 200.200.x.1 from the 172 network. from what I can guess it is a route. I have a default route sending everything to 200.200.x.1 and then I setup rip with network statements for my whole network as well as the 200 system.

Review Cisco Networking for a $25 gift card