12-30-2008 07:23 AM - edited 03-06-2019 03:11 AM
I want to setup a CUCM lab environment on a seperate vlan but want to take advantage of the POE ports on my 6509. Is there an easy way to create a new vlan but not have it be automatically routed. I don't want any possiblity of the lab CUCM interfering with the production CUCM. In other words I want to create a network that is completely self contained with no access to other vlans on my 6509. I was thinking about using an access list but wanted to get some other opinions to see if that was the best idea.
Thanks in advance for any advice.
Steve
Solved! Go to Solution.
12-30-2008 07:36 AM
Steve,
You can create a Layer2 Vlan on the switch and assign those switchports to the newly created Vlan.
As long as you don't create a SVI (Switch Virtual Interface) for such Vlan, no routing will occur.
HTH,
__
Edison.
12-30-2008 07:35 AM
Hi,
Perhaps I'm misunderstanding your question, but if you don't put an IP address on the VLAN interface of the 6509, there is no routing capability. You won't be able to get in or out of the VLAN, but it will prevent that subnet from interacting with other VLANs/subnets.
If you need to get in and out of the VLAN for certain services you could use an ACL like you mentioned or drop a spare firewall in there too. Configure the hosts to use the fw as the gateway and it controls what is permitted up to the 6509.
I hope this helps.
Matt
12-30-2008 07:36 AM
Steve,
You can create a Layer2 Vlan on the switch and assign those switchports to the newly created Vlan.
As long as you don't create a SVI (Switch Virtual Interface) for such Vlan, no routing will occur.
HTH,
__
Edison.
12-30-2008 07:37 AM
Hi Steve
You can create a layer2 vlan, and leave it that way. Do not create the layer3 interface for the vlan.
/Mikael
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide