We have 3x Cisco 4500R switches with various VLANs for:
1. Cisco IP Phones (We run CallManager) (192.168.4.0/23 & 192.168.6.0/24) - VLAN 45 & VLAN 6
2. Servers (192.168.1.0/24) (VLAN 10)
3. PCs & Printers (192.168.2.0/23) (VLAN 23)
4. Network Devices (192.168.0.0/24) (VLAN 1)
5. Wireless VLAN 233/234
The SOE guys want to create a basic test lab to recreate an AD Controller, FileServer, and a handful of PCs.
What's the best way to implement a side-by-side VLAN implementation to isolate the test lab so it doesn't interfere with the production environment but replicating the IP addressing?
We'd want to use the Wireless for the test PCs so DHCP won't be an issue because of the way it's been implemented.
Should I just create a single VLAN with a large subnet, e.g. 192.168.1.0/22, as it won't have any phones or anything else on it? The PCs will just need to see the servers, but the IP addressing for the servers and PCs needs to be replicated because of login scripts etc.
I think I'd need VACLs so the new VLAN won't route? Not 100% sure.
Private VLAN Catalyst Switch Support Matrix
Securing Networks with Private VLANs and VLAN Access Control Lists