Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Converge two internal LANs

Hello group,

I'm just getting back into routing after a 5 year absence. I'm looking for some sanity checks and a bit of help:

The goal is to connect two internal LANs using a 2651 then control the traffic with access lists.

I have two 10/100 Ethernet ports on this router setup like so:

Fa 0/0 - main production LAN (PLAN)

Fa 0/1 - primary and secondary on the maintenance LAN (MLAN)

The goal here is allow controlled communication between the MLAN and the PLAN using access lists. SMTP, some printing file server access etc.

Currently the MLAN is addressed using the range (a typo by the original net admin). I want to eventually get them to therefore I've setup primary and secondary IP addresses on Fa 0/1 so I can transition the addressing gradually whilst still allowing traffic from both subnets to get to the PLAN. Basically I want traffic to move through this router whether you're a or a node.

*Do I need to create an access list between the primary and secondary interface addresses permitting traffic on either range in either direction? I imagine this is how stations with 10 addresses talk to stations with 192 addresses while the addressing is in transition?

*How about getting traffic from FA 0/1 to the Fa 0/0 interface. Do I need to create access lists for both subnets ( and I imagine an access group OUT on the Fa 0/1 interface and an access group IN on the Fa 0/0 interface but it?s been so long since I've done this that I can't remember the rules.

*If I'm simply moving traffic from 0/1 to 0/0 then is a route statement even necessary since its traffic between two interfaces on the same router?

I hope I've articulated this well enough for anyone attempting an answer. I can certainly clarify if needed.




Re: Converge two internal LANs

I think there is nothing called secondary interface. Same interface is assigned a secondary address. so you need to create extended access list pointing inside of Fa/0 for both the networks .

CreatePlease to create content