How to configure this VLAN scenario?

malberttoo · ‎10-11-2006

Gurus,

Mine is a basic setup, with only two Vlan's, DATA (100), and VOICE (907). I have 3 Cat 3560's. I did not create this arrangement, and am quite a newb in the Vlan area.

I have a group of engineers coming to my facility for about 5 months. I want to segment them off from my network, so they can do their own thing (file server, DHCP, etc.) and not have our two networks see each other. I want them to still be able to use 3 of my CME VoIP phones (Vlan 907), and get internet access from my gateway.

Can this be accomplished by simply putting them on their own Vlan, and assigning that vlan (or Vlans, because of the phones?) to the appropriate switchports?

What would the config look like?

When a new Vlan is created on one switch, does ot automatically replicate to the other switches?

Here is what the config looks like on a typical switchport in my organization:

interface FastEthernet0/4

switchport access vlan 100

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

switchport voice vlan 907

srr-queue bandwidth share 10 10 60 20

srr-queue bandwidth shape 10 0 0 0

mls qos trust device cisco-phone

mls qos trust cos

auto qos voip cisco-phone

spanning-tree portfast

Thanks for any assistance,

Michael

mahmoodmkl · ‎10-11-2006

Hi

yes u can accomplish this by creating a new vlan.in the new vlan install a dhcp server.configure ip helper-address as the address of u r dchp server under svi of that vlan.

as far accessing the internet u can create access-list and just allow http traffic through u r gateway.and u can also just permit the voice vlan sunbet also.

for vlans to replicate from one switch to other u need to have VTP setup in ur switched network i.e u need to have a vtp server and vtp domain defined in any of u r switch which can act as a vtp server and others as vtp clients.

Thanks

Mahmood