I would like to create
two vlans on one switch, one without an IP address. Here's why:
One vlan would be outside of my firewall. It would have the Internet connection, connection to the firewall, and the outside card of my video bridge. The IP addresses connected to that switch would be 168.xxx.xxx.1, 168.xxx.xxx.3 and 168.xxx.xxx.34. The other vlan is for the DMZ for my firewall. The IP addresses in there are in the 168.xxx.xxx.15-30 range. I would like to assign an IP address to one VLAN for management purposes, but I don't see how I can assign one to the second VLAN because of overlapping IP addresses. Right now these connections are on different switches. Can I do this?
Acting Director, Information Services
Hill Country Community MHMR Center
I am a bit confused by the IP addressing you describe. It sounds as if you have a range of registered IP addresses that you have further subnetted to assign between your external and DMZ networks but I cannot see how you can have 168.xxx.xxx.1, 168.xxx.xxx.3 and 168.xxx.xxx.34 on the external and 168.xxx.xxx.15-30 on the DMZ.
It would be helpful if you can give more details of the addressing scheme including subnet masks and confirming whether the first three octets are common (i.e. xxx.xxx has the same value on the external and DMZ networks). It would also be helpful if you can post which switch and software image you have.
Regardless of the addressing scheme you use I would urge you not to assign an IP address to any switch VLAN that is external or a DMZ. I would create a third VLAN specifically for management and assign an internal IP address to it.
Hope this helps.
I'm not sure If I understand you.
You can create just a vlan. Now you have a "Layer 2 " vlan just to carry traffic through the switch. "show vlan" will show you these vlans. This VLAN has no IP.
If you want create a vlan with an IP, you need to create a vlan like in point 1 and you need to create a "interface vlan X" to assign an IP, here you can also use a subnetmask to define smaller networks.
Hope that helps you, if it is not clear, just let me know.