03-20-2010 11:05 PM - edited 03-04-2019 07:52 AM
HI GUYS PLEASE I AM SIMULATING A WAN NETWORK USING PACKET TRACER.IN THIS SCENARIO,
2 routers connected via a Serial Link
router A has 4 departments and each department (sales,Marketing,purchase,finance) has a switch connected to the fast ethernet port of the router.
This is same with router B.So totally there are 8 switches in the whole Network and 4 for each LAN(router).
Presently i am trying to implement InterVLAN where sales in router A can ping ony sales in router B.Is that possible? please help explain this to me with the possible sample configurations.
03-21-2010 05:13 AM
Hello Asok Frank,
to limit IP connectivity in your scenario there are some options:
a) classic approach : use of ACLs applied to LAN interfaces inbound to decide who can talk with who
let's suppose 10.10/16 is uses on site A 10.11.0.0/16 is used on siteB
example
int f0/0.30
enc dot1q 30
ip address 10.10.30.1 255.255.255.0
ip access-group 111 in
access-list 111 remark access sales site A inbound
access-list 111 permit ip 10.10.30.0 0.0.0.255 10.11.30.0 0.0.0.255
access-list 111 pemit ip 10.10.30.0 0.0.0.255 10.10.0.0 0.0.255.255
if any change happens all ACLs have to changed too
b) modern approach:
use of MPLS L3 VPN if you need to limit connectivity between different departments and groups this can be a tool
http://www.cisco.com/en/US/docs/ios/12_2sb/12_2sba/feature/guide/vrflite.html
Hope to help
Giuseppe
03-21-2010 06:08 AM
Thanks alot for you reply.So to further make it clear
int f0/0.30 should i create such an interface to both routers and apply an ip address of a new subnet ?so i will have 1 new subnet for each router?
Does subfast ethernet interface have to be f0/0.30 if the actual interface is fa0/0? so if i am to create a subinterface it should be the interface where the switch is directly connected to?
Also do i need to make the link between the switch and router as trunk or just access.
And lastly
The encapsulation dot1q 30 =>what is 30?
Thanks for you help and hope you understand my doubts.
03-22-2010 01:19 AM
Ashok,
Please get to the basics of vlan and intervlan routing.
Since you are terminating all the four different switches to four different interfaces on Router A, there has to be four subnets for all the separate Vlans rite ?
Or atleast thats why the router is req. on the first hand ?
The same is applicable at the other end too.
The digit 30 is the vlan id
With the help of access lists we can limit the communications at Layer 3
like Vlan 30 can access only Vlan 40 et al
Please refer to the link below for some basic understanding
http://www.cisco-tips.com/cisco-router-on-a-stick-with-switch/
Happy reading..
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide