I have a LAN using IP range 192.168.1.x. I am currently using a Cisco 857 ADSL router to provide internet access to all the PCs in the LAN.
I want to change the network so that IP addresses are separated into different departments, e.g. 192.168.10.x, 192.168.20.x. Each different network would be able to access the internet, mail server and the file server etc., but would not have access to each other.
Could this be achieved using ACLs on my existing router? The Cisco router only has 4 ports. Would I need to purchase an additional router or Layer 3 switch to do this?
It's true, the 850 series only supports one VLAN. :(
You would have to put a Layer 3 switch behind it, and create a separate subnet connecting it to the Cisco 857 (either by VLAN/SVI or routed port).
On the L3 switch, create different VLANs and SVIs for your clients. Assign different ports to the desired client VLANs. Communication between the VLANs can be limited by ACLs applied to the SVIs.
On the L3 switch, point a default route towards the Cisco 857, and don't forget to set appropriate routes on your Cisco 857 pointing back to the Layer 3 switch.
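
The layout described in the answer above, written out as an IOS configuration sketch. This is an added example, not part of the original answer; the VLAN IDs, port ranges, the server VLAN 30 (192.168.30.0/24) and the 192.168.99.0/30 link to the 857 are assumptions chosen for illustration.

```cisco
! Layer 3 switch. Assumed: VLAN IDs, port numbers, the server VLAN 30
! and the 192.168.99.0/30 link to the 857 are illustrative only.
ip routing
!
vlan 10
 name DEPT-A
vlan 20
 name DEPT-B
vlan 30
 name SERVERS
!
interface range FastEthernet0/1 - 8
 switchport mode access
 switchport access vlan 10
interface range FastEthernet0/9 - 16
 switchport mode access
 switchport access vlan 20
interface range FastEthernet0/17 - 20
 switchport mode access
 switchport access vlan 30
!
! Routed port towards the Cisco 857
interface FastEthernet0/24
 no switchport
 ip address 192.168.99.2 255.255.255.252
!
! Block department-to-department traffic, allow servers and internet
ip access-list extended DEPT-A-IN
 deny   ip any 192.168.20.0 0.0.0.255
 permit ip any any
ip access-list extended DEPT-B-IN
 deny   ip any 192.168.10.0 0.0.0.255
 permit ip any any
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip access-group DEPT-A-IN in
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 ip access-group DEPT-B-IN in
interface Vlan30
 ip address 192.168.30.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.99.1
!
! Cisco 857: Vlan1 readdressed to 192.168.99.1/30 (assumed), routes back
ip route 192.168.10.0 255.255.255.0 192.168.99.2
ip route 192.168.20.0 255.255.255.0 192.168.99.2
ip route 192.168.30.0 255.255.255.0 192.168.99.2
```

If the 857 performs NAT for internet access, its NAT source access list also has to match the new subnets, otherwise the departments can reach the router but not the internet. Each additional department needs a deny line for its subnet in every other department's ACL.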