Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4695
Views
0
Helpful
5
Replies

Share Printer with users on two VLAN

mikael0011111
Level 1
Level 1

‎10-30-2015 09:09 AM - edited ‎03-08-2019 02:30 AM

Hello

We have a network with two separate VLAN. With two Internet connections. It works well with a layer2 switch.

Now we have bought a shared printer that we want to use from both networks. I have looked at some forums and finally I bought a Cisco SG300-10.

Our VLAN has an ID 10 and 20. Now I would like to create a VLAN 30, where the printer is placed. LAN 10 and 20 should have access to 30. But 10 and 20 should not have access to each other.

I have tried to resolve this in the switch's web interface, but I do not succeed.

Is there anyone who can give me tips? The switch is switched to Layer3.

This image describes my currenly setup. The printer is not included in the image.

Labels:
0 Helpful
5 Replies 5

Alexey Prilutskiy
Level 1
Level 1

‎10-30-2015 10:05 AM

I can suggest you next steps to do:

1. On the switch create new vlan with id 30;

2. On the switch add printer's interface to vlan 30 in access mode;

3. On the switch each interface to the router reconfigure as a trunk. Allow vlans 10,30 to the first router and 20,30 to the second router;

4. On the routers create sub-interfaces for both vlans. On the first router sub-interfaces should be with 10 and 30 dot1q tags. On the secind one sub-interfaces should be with 20 and 30 dot1q tag;

5. On the routers add ip addresses for sub-interfaces. For vlans 10 and 20 use existing ip addresses and for vlan 30 use 192.168.2.1/24 and 192.168.2.2/24 for example;

6. Configure printer with static IP from the 192.168.2.0/24 range;

Now users from vlan 10 and vlan 20 can access the printer in vlan 30 via router1 and router2 but they can't communicate with eath others...

0 Helpful

mikael0011111
Level 1
Level 1
In response to Alexey Prilutskiy

‎11-02-2015 01:46 AM

Thanks for the reply.

So you mean that I have to do it in the two routers? I thought that a Layer3 switch could route traffic between networks. I thought it was because I would have Layer3.

I have checked the two routers that are mounted. They are common standad routers from the operator and does not support VLANs. They have VPN support.

Do you have any other solution to my problem?

0 Helpful

Alexey Prilutskiy
Level 1
Level 1
In response to mikael0011111

‎11-02-2015 01:59 AM

No, You can't use SG300 for routing in your case. You will need to configure policy based routing to route each vlan via separate router but SG300 doesn't support PBR.

So in your case you only can configure L3 interfaces on the switch and configure static routes on client's PC to route traffic to printer via switches's L3 interface... 

0 Helpful

devils_advocate
Level 7
Level 7

‎11-02-2015 04:08 AM

The only way I can see this working is if the current two routers support static routes.

You could easily use the SG300 to route between the three vlans but it doesn't do Policy Based Routing as far as I know so you could only have one default route which makes one of your internet connections redundant. 

I am thinking you could replicate the current setup with the SG300 but use the SG300 as the default gateway for Vlan 30 (create an SVI and DHCP on the SG300) and then have two static routes, one towards the 192.168.1.1 Router and one towards the 192.168.0.1 router. Both routers need to be capable of static routes however in order to return traffic.

Thanks

0 Helpful

lars1
Level 1
Level 1

‎12-09-2017 03:02 AM

The very easy way and simple way to do is use an access-list and deny both traffic from both vlans.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card