Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
855
Views
0
Helpful
4
Replies

Vlan dhcp and security

Go to solution
tomasz.bogusz
Level 1
Level 1

‎08-29-2014 12:41 AM - edited ‎03-07-2019 08:34 PM

HI all.

 

I'm a newbie with Cisco.

 

I wanted to achieve something like this.

I want to make separate subnets on Layer 3 switch. I'm not using any router.

Each Interface is each vlan&subnet. So Interface fa0/2 is vlan2, interface fa0/10 is vlan10 and so on. Additionaly vlan 2 is subnet 2.x and vlan10 is subnet 10.x

 

I already configured Dhcp server with scopes and configured IP helper

 

BUT

And here starts my question.

 

Is that true that I have to enable IP routing between Vlans? If yes then what's the point of creating Vlans when we have to enable routing between them?

 

Or maybe there is a way to enable only communication with DHCP server but disable any other communication between VLans?

 

Let say I have DHCP server on vlan1 and want vlan5 to only communicate with DHCP server but not communicate with vlan10 and any other computersi n vlan1. Is that possible?

 

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Martin Carr
Level 4
Level 4

‎08-29-2014 02:50 AM

VLANS are as the name implies, i.e. a virtual LAN. You only need to route if you want to communicate between them!

You need to configure the IP-helper on 5 (and 10, if you DHCP clients), if configured correctly, this will achieve what you want.

Martin

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Walter Astori
Level 1
Level 1

‎08-29-2014 01:00 AM

The config can be as below if i understand your question :

interface vlan 2
ip address 2.x

interface Fa0/2
switchport access vlan

interface vlan 5
ip address 5.x

interface Fa0/5
switchport access vlan 5

interface vlan 1
 ip address 1.x

interface fa0/1
switchport access vlan 1

ip routing

interface fa0/3
description --> DHCP Server
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,5,2,10
switchport mode trunk

 

So you have DHCP server on VLAN 1. The computer on VLAN 1 can acquire IP from DHCP Server .

This is my solution, but if i not understand your question you can answer me

0 Helpful

Go to solution
Martin Carr
Level 4
Level 4

‎08-29-2014 02:50 AM

VLANS are as the name implies, i.e. a virtual LAN. You only need to route if you want to communicate between them!

You need to configure the IP-helper on 5 (and 10, if you DHCP clients), if configured correctly, this will achieve what you want.

Martin

0 Helpful

Go to solution
tomasz.bogusz
Level 1
Level 1
In response to Martin Carr

‎08-29-2014 03:11 AM

Thank you.

 

I have no idead why I thought that you have to enable ip routing to have it working.

 

I tested it with IP helper without IP routing and it's working fine.

0 Helpful

Go to solution
dineshvin
Level 1
Level 1
In response to tomasz.bogusz

‎09-04-2014 06:52 AM

Hi Tomaz bogusz ,

 

Can you share the configuration details with my mail id(ramdineshsunil@gmail.com)

If you don't mind just for understanding 

0 Helpful
Customers Also Viewed These Support Documents