VLAN & Internet Access

rsabapathee · ‎08-26-2006

Guys,

My network has 2 VLANs at the moment, planning to add more.Lets say for now vlan 1 & 2. My internet router is found in VLAN 1. Inter-VLAN routing has been configured on a Cisco 1710 and works fine in our network.

1) How to make those in VLAN 2 access the internet through ADSL router in VLAN 1? What ip route to configure?

(Just a quick note, some other ports we should enable for internet access: pop3 110, smtp 25)

2) Would it be easier to shift the ADSL router to a different VLAN as I add vlan 3, 4 ,etc?

rgs

roghen

Edison Ortiz · ‎08-26-2006

It's the 1710 your ADSL router ?

Please post configs.

Thanks

Richard Burts · ‎08-26-2006

roghen

If inter-VLAN routing is configured and is working ok then you should make sure that the router that is doing inter-VLAN routing has a default route configured which points to the connection through VLAN 1 to the Internet next hop. That should provide Internet access on each of the VLANs.

I see no need to move the Internet connectivity from VLAN 1 other than the general advice about keeping user traffic separate from management traffic in the native VLAN (which is VLAN 1 by default).

One other aspect to consider, depending on the addressing that you have configured in your network you probably need to do NAT on traffic going to the Internet and need to assure that it will translate user traffic from all VLANs.

HTH

Rick

HTH

Rick

mohd_imran · ‎08-27-2006

since your network has two vlans and you can communicate between then which means that u just have to configure a route for the subinterfces - assuming u have done a router on stick....on the internet interface of router where u have configured inter vlan routing since that currently takes already takes care of routing ur information to the ADSL router...it would be more helpful if u could post the configuration....

HIH

rsabapathee · ‎08-27-2006

Thanks for your feedback guys. however i cannot find any similar configuration that can help me with the routing. Here is my setup.

Cisco 1710 - 192.168.1.1

ADSL router (linksys) - 192.168.1.26

VLAN 1: 192.168.1.x

VLAN 2: 192.168.2.x

The only way I get internet to work is as follows:

1. The following ip route is configured on 1710 router.

ip route 0.0.0.0 0.0.0.0 192.168.1.26 255.255.255.0

2. Now on adsl router, I configure a route for each vlan to route internet traffic.

route 192.168.1.0 255.255.255.0 192.168.1.26

route 192.168.2.0 255.255.255.0 192.168.1.26

I am sure there are better ways to configure for this scenario and routing is done only on the cisco 1710 to ensure internet acess for everyone.

rgs

roghen

Anand Narayana · ‎08-27-2006

Hi Rsab,

your requirement is, you wanted different vlan pc's to get connected directly to internet, & the ADSL router is residing in vlan 1 & all the pc's are residing in vlan 2, 3 etc.... so simply

jus add "ip route 0.0.0.0 0.0.0.0 vlan 1". & gateway ip address for all the pc's should be respective vlan ip address created in the router.

hope this helps.

don't forget to rate the post.

rsabapathee · ‎08-28-2006

hi there,

thx for your response.

however i am a bit confused by the routing given

ip route 0.0.0.0 0.0.0.0 vlan 1 --> Basically everything is routed to vlan 1. Currently vlan 1 default-route is the ip address of ADSL router. That command as given cannot be configured in the router. Guess should be

ip route 0.0.0.0 0.0.0.0 vlan_1_ip_address??

gateway ip address for all the pc's should be respective vlan ip address created in the router. ??? confused with it. PCs in vlan 2 is configured with default gateway of 192.168.2.1. Is this what you are referring to?

thx

rsabapathee · ‎08-28-2006

also

wont this routing "ip route 0.0.0.0 0.0.0.0 vlan 1" cause broadcasts from vlan 2, 3, etc..to be transmitted to vlan 1??

Anand Narayana · ‎08-28-2006

Hi,

once if you specify the "ip route 0.0.0.0 0.0.0.0 vlan_1_ip_address", & specify the respective gateway ip address to the respective vlan pc's, YES you can reach the internet, but one thing i wanted to know whether the vlans are created in the router or on a seperate switch?

rsabapathee · ‎08-28-2006

the vlans are created on sub-interfaces on the router itself.

i.e.

int fastethernet 0.2 --> vlan 2

encap dot1q 2

ip address 192.168.2.1 255.255.255.0

To SUMMARIZE:

To 1710 Router I add:

ip route 0.0.0.0 0.0.0.0 192.168.1.1

ip default-gateway 192.168.1.26 (192.168.1.26 is ip of adsl router, this is already configured on router)

VLAN 2 PC, configured as:

ip address: 192.168.2.x

mask: 255.255.255.0

Gateway: 192.168.2.1

rgs

roghen

rsabapathee · ‎08-28-2006

just tried the above setup but i get a message saying:

ip 192.168.1.1 is ip address of router. does it mean i need to add an ip address, say 192.168.1.2 and assign it as ip address of VLAN 1.is that correct?

Also what will happen to broadcasts on VLAN 2 with the above route. will it be transmitted on VLAN 1?

rgs

Anand Narayana · ‎08-28-2006

Hi,

the command should be "ip route 0.0.0.0 0.0.0.0 192.168.1.26" because 192.168.1.26(ur ADSL Router) is pointing towards the internet & NOT "ip route 0.0.0.0 0.0.0.0 192.168.1.1" also remove "ip default-gateway 192.168.1.26"

rsabapathee · ‎08-28-2006

thx buddy.

basically its the same as described in my second post above.

I will then need to add the routes described above in my adsl router for people to get access to the internet. Thats is what I am doing currently.

I am looking for a solution whereby I need not add any routing in my adsl router.

Anand Narayana · ‎08-28-2006

you need not do any routing in ur adsl router, all u need to do the routing in ur 1700 series router.

rsabapathee · ‎08-28-2006

i tested as you say. People in vlan 2 dont get internet access if I dont add the routing below in the adsl router as well.

route 192.168.2.0 255.255.255.0 192.168.1.26