MLS configuration for routing

Oct 7th, 2009

Hi


I'll set the scene...we are getting a Layer 2 ethernet presented LAN extension, that we wish to route to our firewall via a C3560G switch, using a routed port (See attachment for diagram).


Can you confirm this is possible and also how this would be configured?


Thanks

Brian





Jon Marshall Wed, 10/07/2009 - 03:49

Brian


Yes it's possible. You need to configure the port on the 3560 that the LAN extension connects to as -


int gi0/1
 no switchport
 ip address 192.168.5.1 255.255.255.252


Obviously the other end of the LAN extension, wherever that is, would be configured with the IP address 192.168.5.2/30.


Jon

Jon Marshall Wed, 10/07/2009 - 04:05

Brian


Yes you would need to enable "ip routing" on the switch.


Your other option is simply to have the 3560 as a L2 switch only and run it to the firewall.


Jon

johnstone_cisco Wed, 10/07/2009 - 06:57

Hi


I plan to put static routes on the switch


ip route 0.0.0.0 0.0.0.0 'my Firewall int address'
ip route '3rd Party lan' 255.255.255.0 'routed switch port'


I assume these entries will only affect the traffic via the routed port, and the remaining layer 2 ports on the switch will continue to act as normal?


Thanks

Brian


Jon Marshall Wed, 10/07/2009 - 07:02

Brian


ip route '3rd Party lan' 255.255.255.0 'routed switch port'


would be better to use


ip route '3rd Party lan' 255.255.255.0 i.e. 192.168.5.2 in the example I gave.


"I assume these entries will only affect the traffic via the routed port, the remaining layer 2 ports on the switch will continue to act as normal?"


The routes will affect any traffic that is routed on your 3560, especially the default route. Looking at your setup this should be fine.


Jon
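
The steps from the replies above, collected into one configuration as an added example that is not part of the original thread. The addresses 192.0.2.1 (firewall interface) and 198.51.100.0/24 (third-party LAN) are constructed placeholders, and the example assumes the switch already has a Layer 3 interface in the firewall's subnet so the default route's next hop resolves.

```cisco
! Constructed values: 192.0.2.1 stands in for the firewall interface address,
! 198.51.100.0/24 for the third-party LAN. The 192.168.5.0/30 link addressing
! is the one used in the thread.
!
! Enable Layer 3 forwarding on the switch (global configuration)
ip routing
!
! Routed port facing the Layer 2 LAN extension
interface GigabitEthernet0/1
 no switchport
 ip address 192.168.5.1 255.255.255.252
 no shutdown
!
! Default route towards the firewall. This applies to all traffic the switch
! routes, not only traffic arriving on the routed port.
ip route 0.0.0.0 0.0.0.0 192.0.2.1
!
! Third-party LAN reached via the next-hop IP at the far end of the extension,
! rather than via the local interface
ip route 198.51.100.0 255.255.255.0 192.168.5.2
!
! Verification from privileged EXEC mode:
!   show interfaces GigabitEthernet0/1 switchport
!   show ip interface brief
!   show ip route static
```

The first show command should report the switchport as disabled on the routed port, and the last should list both static routes with their next hops.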
