Routing with VLANs

Unanswered Question
Feb 10th, 2007

Lab Work

Topology:

csu/dsu---2500(s0)and(E0)---2924(Fa0/1)

Scenario:

A 2500 Router with 1 ethernet port, these port is connected to fa0/1 of 2924XL switch.

Objectives:

Apparently the 2924 switch has a 24 ports. Each of those ports is connected to different office units on my building. I want to implement a 3 vlan for those units. Each vlan are using 3 different subnets (private ip). On my router s0 (public ip) and e0(public ip). If im using a private ip on my vlans is it possible for them to route to the internet without using any proxy servers? Using isl trunking how can i route those vlans to the internet, take note i am only using 2 equipments. Is this possible? or Do i need to have another equipment for them run outside the internet.

Current config on router:

int serial 0

ip address 201.16.25.201 255.255.255.252

int ethernet 0

ip address 201.192.172.1 255.255.255.224

int ethernet 0.1

ip address 192.168.1.1 255.255.255.0

encapsulation isl 1

int ethernet 0.2

ip address 172.16.1.1 255.255.255.0

encapsulation isl 2

int ethernet 0.3

ip address 10.10.10.1 255.255.255.0

encapsulation isl 3

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Loading.
Collin Clark Mon, 02/12/2007 - 12:58

You have to have a Fast Ethernet interface for trunking on a router. I hope this is theoretical, I have not seen ISL in years!

mheusinger Mon, 02/12/2007 - 13:33

Hi,

this should be possible, once you implement NAT/PAT on your router. Try this configuration:

int serial 0

ip address 201.16.25.201 255.255.255.252

ip nat outside

int ethernet 0

ip address 201.192.172.1 255.255.255.224

int ethernet 0.1

ip address 192.168.1.1 255.255.255.0

encapsulation isl 1

ip nat inside

int ethernet 0.2

ip address 172.16.1.1 255.255.255.0

encapsulation isl 2

ip nat inside

int ethernet 0.3

ip address 10.10.10.1 255.255.255.0

encapsulation isl 3

ip nat inside

ip nat inside source list 10 interface Seial0 overload

access-list 10 permit any

ip route 0.0.0.0 0.0.0.0 Serial0

The unknown part in your config is the IP address on e0. What are you using it for? In any case you should be able to access the internet with the above configuration.

Hope this helps! Please use the rating system.

Regards, Martin

CSCO10892433 Tue, 02/13/2007 - 03:25

Hi, Martin

This is an excellent solution for the orignal post. But I have one question. Do you think 2500 series routers support vlan trunking? I have one 2503 in my lab. It runs 12.2T ip plus feature set. It cannot run the config you provided. Please clarify it for me. Thank you.

Best Regards

SSLIN

mheusinger Tue, 02/13/2007 - 09:15

Hello,

ISL is only supported on FastEthernet and not on Ethernet interfaces. See f.e. the requirements in "Configuring ISL Trunks on Cisco Routers"

http://www.cisco.com/en/US/tech/tk389/tk390/technologies_tech_note09186a00800949fc.shtml

Sorry for causing confusion. The above configuration is afaik only valid on FastEthernet.

Regards, Martin

P.S.: the main interface can have an IP address on a dot1Q trunk and routes the native VLAN.

P.S.:

CSCO10892433 Tue, 02/13/2007 - 22:03

Hi, Martin

Thanks for the updated. It do clarify everything for me. Thanks.

SSLIN

CSCO10892433 Tue, 02/13/2007 - 22:20

Hi, ahmednaas

The link you provided is great. I have not found such a document since I tested 802.1Q tunking in my 2610 router half an year ago.

But there is still an inconsistency between this document and the test result in my lab.

The document says C3600 with 2E2W don't support 802.1Q trunking whereas I test in my lab, it do support. I will try it again tonight and let you know.

Regards

SSLIN

Actions

This Discussion