09-15-2012 09:14 AM - edited 03-07-2019 08:54 AM
Hello,
I have set up a couple of vlans on a cisco 1721 router 4esw card using the vlan database and assigning an ip address of 192.168.1.x and 192.168.2.x for each vlan interface.
Strangely enough connected computers can talk to the other vlan and I have not set any subinterfaces on the etherner0 (layer 3) and not even connected a cable.
Is there any reason why this should happen since they should not talk to eachother being on seperate vlans.
Doing a tracert shows that first the vlan ip address is hit and then straight to the target pc in the other vlan
Thanks
Solved! Go to Solution.
09-15-2012 09:50 AM
Hello Aconticisco,
the 4ESW module supports multilayer switching like a standalone C3560- C3750, if you have defined the vlans in the database and you have also configured the associated SVIs ( layer3 interfaces Vlan X and Vlan Y) with IP addresses in the involved IP subnets 192.168.1.0/24 and 192.168.2.0/24, then inter vlan routing is provided by the module as your traceroute test confirms.
You don't need to provide L3 services using the router interface as the module is multilayer capable,
Hope to help
Giuseppe
09-15-2012 02:00 PM
I thin you can put an ACL to filter traffic and apply it on each SVI.
09-15-2012 09:50 AM
Hello Aconticisco,
the 4ESW module supports multilayer switching like a standalone C3560- C3750, if you have defined the vlans in the database and you have also configured the associated SVIs ( layer3 interfaces Vlan X and Vlan Y) with IP addresses in the involved IP subnets 192.168.1.0/24 and 192.168.2.0/24, then inter vlan routing is provided by the module as your traceroute test confirms.
You don't need to provide L3 services using the router interface as the module is multilayer capable,
Hope to help
Giuseppe
09-15-2012 01:31 PM
Hello,
thank you for the information. I would like to avoid this situation and have the vlans completely isolated.
How can I achieve such result where example vlan 2 is unable to communicate with devices on vlan 3 using the 4ESW
Thanks
09-15-2012 02:00 PM
I thin you can put an ACL to filter traffic and apply it on each SVI.
09-16-2012 12:00 AM
Thank You all now it is all clear and working
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide