Home > IT Answers > Networking > Configuring managed switch and router in orde...
Help

Question

  Asked: Apr 18 2005   11:35 AM GMT
  Asked by: ivoivo

Configuring managed switch and router in order to have Internet...


Networking, Networking Equipment, Switches, Layer 3-7 Switches, Modems/Cable Modems, Network Management Systems, Routers

Dear Sir,

Could you please help me concerning the following matter:
I have Cisco Catalyst 2950 managed switch connected to Linksys WRT54G - Wireless-G Broadband Router, which is then connected to ADSL modem. I need the following scenario: -two VLANs configured on the managed switch, so there will be no traffic between. But for the both VLANs I need to use the router as an Internet gateway.
So please help me how can I configure this scenario.

Thank you in advance,

Sincerely,
Ivo

Subscribe to Alerts! Get questions and answers delivered to your Inbox.


E-mail me updates on this question



   SUBSCRIBE

hidden modal window
Help

Answer Wiki (Improve, edit or add to this answer)

IMPROVE THIS ANSWER
View History
 RATE THIS ANSWER
0
Click to Vote:
  •   0
  •  0
Last Answered: Apr 19 2005  11:08 AM GMT  by KeithD1967




Try this section of this document from Cisco:

TITLE: Assigning the Switch IP Address and Default Gateway

http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a00801cde76.html

I think the VLAN issue is not going to be a problem. All you have to do is set an IP address on the switch and point the switch to the IP address of the default gateway, in this case the Linksys router. I'm sure you know, but you will have to have the clients pointing to the same gateway (the Linksys router) as well. All traffic on both VLANs going outside your little network should be sent to your router, and your router pick it up from there.

Test it out, see what happens.
  • AddThis Social Bookmark Button

Browse more Questions and Answers on Networking and Security.

Looking for relevant Networking Whitepapers? Visit the SearchNetworking.com Research Library.


RSS - Discussions Help

Discuss This Answer


You must be logged-in to discuss a question. Log-in/Register

sonyfreek  |   Apr 19 2005  7:09PM GMT

I don’t think it will work the way you are expecting it to work. You can partition the switch out to two VLANs without a sweat, but the LinkSys router doesn’t understand the 802.1Q VLAN tagging protocol.

You can make it work by creating two VLANs on the switch (Ex: VLAN 2 on ports 0/1-12 and VLAN 3 on ports 0/13-24) by setting up each of the connected computers in a different subnet (say 192.168.1.1/24 and 192.168.2.1/24). However, this wouldn’t be effective at achieving a separate VLAN because the Linksys does not have the capability to talk 802.1Q. What I’m saying is that you would get the same result by configuring the computers connected to the Linksys with two different subnets… This provides no security (although, VLANs don’t really make you more secure either). I don’t know if the Linksys will let you configure two IP Addresses to use as default gateways on your PCs, but that would need to be done as well. The documentation doesn’t look like it will.

Essentially, if you truly want to use VLANs, you need a router that will understand 802.1Q to really do Layer 3 switches and apply access lists to prevent unauthorized access across the subnets. You would also have to secure the VLANs by disabling CDP, VTP, and DTP, then assign the default VLAN for the switchport to a shutdown VLAN (Ex: VLAN 400). See the NSA SNAC at: <a href="http://www.nsa.gov/snac/os/switch-guide-version1_01.pdf," rel="nofollow">http://www.nsa.gov/snac/os/switch-guide-version1_01.pdf,</a> section 9.6.2.

Hope this helps,

Sonyfreek