Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
354
Views
0
Helpful
3
Replies

Virtual routers

alaeldien
Level 1
Level 1

‎11-10-2008 04:09 AM - edited ‎03-04-2019 12:15 AM

Hello

i need to separate two networks in my LAN, using router with one public IP address, is the concept of Virtual router will works here,

if so could some one give brief configuration assuming one router with static routing protocol.

thank you

Labels:
0 Helpful
3 Replies 3

Jon Marshall
Hall of Fame
Hall of Fame

‎11-10-2008 04:12 AM

Ala

Could you provide a few more details ie. you say you have one router with one public IP address and you want to separate 2 networks. What exactly do you mean by this.

What is your router model, how many interfaces does it have etc..

Jon

0 Helpful

alaeldien
Level 1
Level 1
In response to Jon Marshall

‎11-10-2008 04:20 AM

hello Jon

thank you for ur immediate response

i have Cisco 1841 router with serial interface and 2 ethernet interfaces, i want to separate 2 networks, i.e the Sales guys can not access those in Administration Dept,

through one public ip address asigned from ISP, is it possible for this separation through subnetting or Virtual router.

i hope i express my needs clearly.

thanks

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to alaeldien

‎11-10-2008 04:31 AM

Ala

Do you have a switch that your internal users are connected to. If so it is relatively easy to do what you want. So on your switch you would create 2 vlans

switch(config)# vlan 10

switch(config-vlan)# name admin_vlan

switch(config)# vlan 11

switch(config-vlan)# name sales_vlan

Then connect fa0/0 on your 1841 to one of the switchports eg. gi0/1 and on the switch

int gi0/1

switchport access vlan 10

connect fa0/1 on your 1841 to another of the switchports eg. gi0/2

int gi0/2

switchport access vlan 11

On the 1841 router

access-list 101 deny ip 192.168.6.0 0.0.0.255 192.168.5.0 0.0.0.255

access-list 101 permit ip any any

int fa0/0

ip address 192.168.5.1 255.255.255.0

ip nat inside

int fa0/1

ip address 192.168.6.1 255.255.255.0

ip nat inside

ip access-group 101 in

int s0/0

ip nat outside

then just allocate sales and admin PC's into their respective vlans on the switch using the "switchport access vlan ..." command.

Each admin PC needs it's default-gateway set to 192.168.5.1

Each sales PC needs it's default-gateway set to 192.168.6.1

The above config will allow your sales and admin people to access the Internet and it will also stop your sales people connecting to admin machines.

Obviously you will need to modify the IP addressing etc. to meet your needs.

Jon

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card