Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1931
Views
0
Helpful
2
Replies

TWO SEPARATE SUBNETS SHARE ONE CISCO ROUTER FOR INTERNET

VASILIS PRINARIS
Level 1
Level 1

‎01-15-2016 05:55 AM - edited ‎03-08-2019 03:25 AM

Hi to all,

i will describe my issue in general to all you experts. we are trying to change our network with the least effort and cost but we need your advices. because we need to do it in 70 buidings , i will write down an example.

let's say that we have 20 pcs in a building with a network which connects all with various unmanaged switches. all of them have access to internet via a 876 cisco router.

we want to split in half the pcs, 10 and 10 in order all of them to have access to internet with cisco router as gateway but not to be able to communicate each other.

is it possible to achieve this without buying new hardware and leave all the cables as is?

thank you all in advance

Labels:
0 Helpful
2 Replies 2

ARUNPRABHU A
Level 1
Level 1

‎01-15-2016 07:01 AM

Hi VASILIS,

  Yes you can achieve this by configuring Primary and Secondary interface configuration in the 876 cisco router, without buying any new additional hardware.

Subnet A = 10.10.10.0 /24

Subnet B = 10.10.20.0 /24

!

Interface gigabit 0/0

ip address 10.10.10.1 255.255.255.0

ip address 10.10.20.1 255.255.255.0 secondary

!

Inorder to restrict the access between Subnet A and Subnet B. Configure an Extended access list to restrict access between Subnet A and Subnet B. like below.

 access-list 111 deny ip 10.10.10.0 0.0.0.254 10.10.20.0 0.0.0.254

access-list 111 deny ip 10.10.20.0 0.0.0.254 10.10.10.0 0.0.0.254

access-list 111 permit ip any any

!

Then bind this ACL binded to the Router interface.

!

Interface gigabit 0/0

ip access-group 111 in

!

In the PC end just change the IP address of the machines with its local gateway to the new segment.

All works ... Cheers

Thanks

Arunprabhu A

0 Helpful

VASILIS PRINARIS
Level 1
Level 1
In response to ARUNPRABHU A

‎01-18-2016 01:59 AM

thank you for your quick response and your analysis. i will try it asap.

one extra question please... until now we have configured a dhcp server at the router. when we will create the subnets can we at least keep the dhcp for the subnet that has the most pcs and configure the rest pcs with static IPs? i think we will have no problem... right?

thank you again in advance

edit

results of your proposal:

i have a cisco 876 router. i tried to assign IP to fa0 and i couldn't. it said "IP addresses may not be configured on L2 links". so i figured out that 876 has default Vlan1 which i can't bypass or delete it so to be able to assign IPs to fastethernet ports. Is that true or there is something that i misunderstood?  i found this in here http://www.cisco.com/en/US/docs/routers/access/800/850/software/configuration/guide/routconf.html which says:

"Configure Fast Ethernet LAN Interfaces

The Fast Ethernet LAN interfaces on your router are automatically configured as part of the default VLAN and as such, they are not configured with individual addresses. Access is afforded through the VLAN. You may assign the interfaces to other VLANs if desired. For more information about creating VLANs, see Chapter 5 "Configuring a LAN with DHCP and VLANs." "

But in order to try your solution i did this: i configured as you said but in vlan1. i configured 2 pcs in the 2 subnets and connected them directly in 2 fastethernet ports on the router to see what will happen.

i had connection with router but i also could ping eachother. so i must try something else...

can you help?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card