How would you set this LAN up?

Unanswered Question
Jun 9th, 2010
User Badges:

Hi all,


I have the following network appliances to setup my network:


1 x 24p Cisco 3560

1 x 24p Cisco 2950T

1 x 8p Cisco 2960

1 x Firewall Zyxel USG300 (gateway to internet)


I have to isolate the production environment (15 Windows computers) from the rest of the LAN (20 computers between sales, staff, accounting, etc.). I have one SBS 2003, and I need to create a domain for all the network. How would you isolate these 15 computers?, do I have to use two different VLANS?, the isolated machines needs to get access to the SBS2003 to join the domain, and also to the Firewall/gateway to get internet access. We've received all the Cisco switches from a different company.


Any hint/advice would be greatly appreciated


Thanks a lot

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Leo Laohoo Wed, 06/09/2010 - 15:12
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

You need to configure Dot1Q Trunking in order to use inter-VLAN communication.


Configuring InterVLAN Routing and ISL/802.1Q Trunking on a Catalyst 2900XL/3500XL/2950 Switch Using an External Router

http://www.cisco.com/en/US/customer/tech/tk389/tk815/technologies_configuration_example09186a00800949fd.shtml


You have a 3560 which could be used as a Layer 3 router for Dot1Q Trunking.


Configuring 802.1Q Trunking Between a Catalyst 3550/3560/3750 and Catalyst Switches That Run Cisco IOS Software

http://www.cisco.com/en/US/customer/products/hw/switches/ps700/products_configuration_example09186a008010f615.shtml


Hope this helps and please don't forget to rate useful posts.  Thanks.

costasanti Wed, 06/09/2010 - 15:30
User Badges:

Thank you very much leolaohoo !


So where would you configure the .Q1, in the 3560 or in the router, or do I have to do it in both?


To understand it better, the dotQ1 has to be set for inter-VLAN routing right?, where do I have to configure the trunk, in one of the 3560 ports?


Thanks again !

Leo Laohoo Wed, 06/09/2010 - 15:35
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

If you have a router, I'd recommend that you configure Dot1Q trunking on the router (aka router-on-a-stick) using the first link.  If you don't have one, you can configure the 3560 switch (2nd link).

costasanti Wed, 06/09/2010 - 15:42
User Badges:

Thanks again,


I'd have to do it in the L3 switch as there is a firewall between the router and the switch.


I'll try the second option !


Santi

Actions

This Discussion