MLS configuration for routing

Unanswered Question
Oct 7th, 2009
User Badges:

Hi


I'll set the scene...we are getting a Layer 2 ethernet presented LAN extension, that we wish to route to our firewall via a C3560G switch, using a routed port (See attachment for diagram).


Can you confirm this is possible and also how this would be configured?


Thanks

Brian





Attachment: 
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Wed, 10/07/2009 - 03:49
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Brian


Yes it's possible. You need to configure the port on the 3560 that the LAN extension connects to as -


int gi0/1

no switchport

ip address 192.168.5.1 255.255.255.252


obviously the other end of the LAN extension wherever that is would be configured with the ip address 192.168.5.2/30.


Jon

Jon Marshall Wed, 10/07/2009 - 04:05
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Brian


Yes you would need to enable "ip routing" on the switch.


Your other option is simply to have the 3560 as a L2 switch only and run it to the firewall.


Jon

glen.grant Wed, 10/07/2009 - 04:33
User Badges:
  • Purple, 4500 points or more

Yes routing would be turned on .

johnstone_cisco Wed, 10/07/2009 - 06:57
User Badges:

Hi


I plan to put static routes on the switch


ip route 0.0.0.0 0.0.0.0 'my Firewall int address'

ip route '3rd Party lan' 255.255.255.0 'routed switch port'


I assume these entries will only effect the traffic via the routed port, the remaining layer 2 ports on the switch will continue to act as normal?


Thanks

Brian


Jon Marshall Wed, 10/07/2009 - 07:02
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Brian


ip route '3rd Party lan' 255.255.255.0 'routed switch port'


would be better to use


ip route '3rd Party lan' 255.255.255.0 ie. 192.168.5.2 in the example i gave.


"I assume these entries will only effect the traffic via the routed port, the remaining layer 2 ports on the switch will continue to act as normal?"


the routes will affect any traffic that is routed on your 3560 especially the default route. Looking at your setup this should be fine.


Jon

Actions

This Discussion