cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
993
Views
5
Helpful
4
Replies

How would you set this LAN up?

costasanti
Level 1
Level 1

Hi all,

I have the following network appliances to setup my network:

1 x 24p Cisco 3560

1 x 24p Cisco 2950T

1 x 8p Cisco 2960

1 x Firewall Zyxel USG300 (gateway to internet)

I have to isolate the production environment (15 Windows computers) from the rest of the LAN (20 computers between sales, staff, accounting, etc.). I have one SBS 2003, and I need to create a domain for all the network. How would you isolate these 15 computers?, do I have to use two different VLANS?, the isolated machines needs to get access to the SBS2003 to join the domain, and also to the Firewall/gateway to get internet access. We've received all the Cisco switches from a different company.

Any hint/advice would be greatly appreciated

Thanks a lot

4 Replies 4

Leo Laohoo
Hall of Fame
Hall of Fame

You need to configure Dot1Q Trunking in order to use inter-VLAN communication.

Configuring InterVLAN Routing and ISL/802.1Q Trunking on a Catalyst 2900XL/3500XL/2950 Switch Using an External Router

http://www.cisco.com/en/US/customer/tech/tk389/tk815/technologies_configuration_example09186a00800949fd.shtml

You have a 3560 which could be used as a Layer 3 router for Dot1Q Trunking.

Configuring 802.1Q Trunking Between a Catalyst 3550/3560/3750 and Catalyst Switches That Run Cisco IOS Software

http://www.cisco.com/en/US/customer/products/hw/switches/ps700/products_configuration_example09186a008010f615.shtml

Hope this helps and please don't forget to rate useful posts.  Thanks.

Thank you very much leolaohoo !

So where would you configure the .Q1, in the 3560 or in the router, or do I have to do it in both?

To understand it better, the dotQ1 has to be set for inter-VLAN routing right?, where do I have to configure the trunk, in one of the 3560 ports?

Thanks again !

If you have a router, I'd recommend that you configure Dot1Q trunking on the router (aka router-on-a-stick) using the first link.  If you don't have one, you can configure the 3560 switch (2nd link).

Thanks again,

I'd have to do it in the L3 switch as there is a firewall between the router and the switch.

I'll try the second option !

Santi

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco