cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
352
Views
4
Helpful
2
Replies

Redirecting traffic from VLAN

UTVi-NetAdmin
Level 1
Level 1

Hi,

We have two VLAN's

VLAN 1-192.168.18.0/24 (with secondary addressing)

VLAN 2-192.168.130.0/27

In order to migrate services to new hardware in VLAN 2, we need to divert traffic or at least determine what devices within VLAN 1 are still trying to talk to legacy VLAN 1 device?

Host routes won't work (directly connected interfaces), nor NAT (no interface to apply it to).

Is the only way to determine this via a VACL in VLAN1 with logging keywords?

Thanks,

Mark

2 Replies 2

wochanda
Level 4
Level 4

Can you SPAN the port connecting to the legacy device and see which hosts are talking to it?

William,

Thanks for your reply.

I tried the VACL logging feature and it works ok, as long as you deny the packets/flows that you want to log!

I had forgot about SPAN alright.

I was wondering have you any thought on NAT and VLANS?

As in my original post, say we have a legacy vlan and hope to segment that vlan into multiple vlans/subnets as hosts get re-addressed.

Where are 'ip nat outside' and 'ip nat inside' statements required when doing this.

Example:

!

interface GigabitEthernet5/1

description Incoming Interface

ip address 172.16.1.106 255.255.255.252

ip nat outside

end

!

!

interface Vlan888

description Legacy Test VLAN

ip address 172.16.8.19 255.255.255.0

end

!

!

interface Vlan889

description DESTINATION-TEST-SVI

ip address 172.16.30.3 255.255.255.224

ip nat inside

end

!

!

ip nat inside source static 172.16.8.108 172.16.30.21

!

Is this wrong?

Thanks,

Mark

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: