Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
745
Views
0
Helpful
4
Replies

Vlans talking to each other without subinterfaces set

Go to solution
aconticisco
Level 2
Level 2

‎09-15-2012 09:14 AM - edited ‎03-07-2019 08:54 AM

Hello,

I have set up a couple of vlans on a cisco 1721 router 4esw card using the vlan database and assigning an ip address of 192.168.1.x and 192.168.2.x for each vlan interface.

Strangely enough connected computers can talk to the other vlan and I have not set any subinterfaces on the etherner0 (layer 3) and not even connected a cable.

Is there any reason why this should happen since they should not talk to eachother being on seperate vlans.

Doing a tracert shows that first the vlan ip address is hit and then straight to the target pc in the other vlan

Thanks

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎09-15-2012 09:50 AM

Hello Aconticisco,

the 4ESW module supports multilayer switching like a standalone C3560- C3750, if you have defined the vlans in the database and you have also configured the associated SVIs ( layer3 interfaces Vlan X and Vlan Y) with IP addresses in the involved IP subnets 192.168.1.0/24 and 192.168.2.0/24, then inter vlan routing is provided by the module as your traceroute test confirms.

You don't need to provide L3 services using the router interface as the module is multilayer capable,

Hope to help

Giuseppe

View solution in original post

0 Helpful

Go to solution
zheng.olivier
Level 1
Level 1
In response to aconticisco

‎09-15-2012 02:00 PM

I thin you can put an ACL to filter traffic and apply it on each SVI.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Giuseppe Larosa
Hall of Fame
Hall of Fame

‎09-15-2012 09:50 AM

Hello Aconticisco,

the 4ESW module supports multilayer switching like a standalone C3560- C3750, if you have defined the vlans in the database and you have also configured the associated SVIs ( layer3 interfaces Vlan X and Vlan Y) with IP addresses in the involved IP subnets 192.168.1.0/24 and 192.168.2.0/24, then inter vlan routing is provided by the module as your traceroute test confirms.

You don't need to provide L3 services using the router interface as the module is multilayer capable,

Hope to help

Giuseppe

0 Helpful

Go to solution
aconticisco
Level 2
Level 2
In response to Giuseppe Larosa

‎09-15-2012 01:31 PM

Hello,

thank you for the information. I would like to avoid this situation and have the vlans completely isolated.

How can I achieve such result where example vlan 2 is unable to communicate with devices on vlan 3 using the 4ESW

Thanks

0 Helpful

Go to solution
zheng.olivier
Level 1
Level 1
In response to aconticisco

‎09-15-2012 02:00 PM

I thin you can put an ACL to filter traffic and apply it on each SVI.

0 Helpful

Go to solution
aconticisco
Level 2
Level 2
In response to zheng.olivier

‎09-16-2012 12:00 AM

Thank You all now it is all clear and working

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card