WAN INTERVLAN

Unanswered Question
Mar 20th, 2010

HI GUYS PLEASE I AM SIMULATING A WAN NETWORK USING PACKET TRACER.IN  THIS SCENARIO,

2 routers connected via a Serial Link

router A  has 4 departments and each department (sales,Marketing,purchase,finance) has a switch connected to the fast ethernet port of the router.

This is same with router B.So totally there are 8 switches in the whole Network and 4 for each LAN(router).

Presently i am trying to implement InterVLAN where sales in router A can ping ony sales in router B.Is that possible? please help explain this to me with the possible sample configurations.

vlane.jpg

Attachment: 
I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Sun, 03/21/2010 - 05:13

Hello Asok Frank,

to limit IP connectivity in your scenario there are some options:

a) classic approach : use of ACLs applied to LAN interfaces inbound to decide who can talk with who

let's suppose 10.10/16 is uses on site A 10.11.0.0/16 is used on siteB

example

int f0/0.30

enc dot1q 30

ip address 10.10.30.1 255.255.255.0

ip access-group 111 in

access-list 111 remark access sales site A inbound

access-list 111 permit ip 10.10.30.0 0.0.0.255 10.11.30.0 0.0.0.255

access-list 111 pemit ip 10.10.30.0 0.0.0.255 10.10.0.0 0.0.255.255

if any change happens all ACLs have to changed too

b) modern approach:

use of MPLS L3 VPN if you need to limit connectivity between different departments and groups this can be a tool

http://www.cisco.com/en/US/docs/ios/12_2sb/12_2sba/feature/guide/vrflite.html

Hope to help

Giuseppe

frankycool Sun, 03/21/2010 - 06:08

Thanks alot for you reply.So to further make it clear

int f0/0.30 should i create such an interface to both routers and apply an ip address of a new subnet ?so i will have 1 new subnet for each router?

Does subfast ethernet interface have to be f0/0.30 if the actual interface is fa0/0? so if i am to create a subinterface it should be the interface  where the switch is directly connected to?

Also do i need to make the link between the switch and router as trunk or just access.

And lastly

The encapsulation dot1q 30 =>what is 30?

Thanks for you help and hope you understand my doubts.

Tharak Abraham Mon, 03/22/2010 - 01:19

Ashok,

Please get to the basics of vlan and intervlan routing.

Since you are terminating all the four different switches to four different interfaces on Router A, there has to be four subnets for all the separate Vlans rite ?

Or atleast thats why the router is req. on the first hand ?

The same is applicable at the other end too.
The digit 30 is the vlan id

With the help of access lists we can limit the communications at Layer 3

like Vlan 30 can access only Vlan 40 et al

Please refer to the link below for some basic understanding

http://www.cisco-tips.com/cisco-router-on-a-stick-with-switch/

Happy reading..

Actions

This Discussion

Related Content