cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
399
Views
8
Helpful
3
Replies

Internet Connectivity Without LAN Connectivity

rossua994
Level 1
Level 1

Can anyone advise what the best approach to the following hypothetical scenario would be :-

An organisation has 20 workstations each of which requires internet access, but none of which requires connectivity to any of the other workstations.

The obvious solution of a router and a switch would mean that the workstations were connected at Layer 2 and all on the same subnet. To use VLANs would seem a cumbersome solution as 20 separate VLANs would be needed.

Are there routers or router modules that would supply the 20 necessary Ethernet ports required to keep all the workstations on separate networks ? (Though this seems a cumbersome solution too).

Or, is there no practical way around this problem and the 20 workstations should just be connected to a single switch, and a router used to provide internet connectivity to the LAN ?

Thanks in advance for any advice.

3 Replies 3

rais
Level 7
Level 7

Private VLAN seems a good option for your need.

Under Primary VLAN you can create 'isolated VLAN' which prevents hosts on a vlan from talking to each other.

http://www.cisco.com/en/US/products/hw/switches/ps5528/products_configuration_guide_chapter09186a00805b57c2.html

Thanks.

wochanda
Level 4
Level 4

This functionality is present on most switches we have out at this time. The two features that will give this functionality are:

-Protected ports

-Private VLANS

Higher-end switches support private VLANs, where lower-end switches support protected ports. When setting up private VLANs, you'll look to put your hosts in an 'isolated' PVLAN, where they'll be able to talk to the 'promiscuous port'(router), but not each other. On protected ports, you'll just configure 'switchport protected' on the ports you dont want to have L2 connectivity.

If you're looking to put a 3560/3750 on-site, you'll want to look at this:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3750/12235se/scg/swpvlan.htm

For a 2960, look here:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2960/12237se/scg/swtrafc.htm#wp1029319

If you're using a HWIC-4ESW or a HWIC-9ESW in an ISR router, you can look here:

http://www.cisco.com/en/US/products/ps6441/products_feature_guide09186a008086f312.html

rossua994
Level 1
Level 1

Many thanks for both replies, these have been very helpful. Incidentally, I was wondering if there is any Cisco documentation available on the web-site that describes how to choose the best Cisco equipment for particular networking scenarios. I am studying for my CCNA and things like access, distribution, and core switching layers are more at the CCNP level.

Are there certification exams or any Cisco Press books which cover this ?

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: