Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.


I am given two desktops of IP & 192.168.2/10/24 connected to a L2 switch with a single VLAN [VLAN -1]. A router is connected to this switch with the routed interface IP How do I get these two systems to talk to each other ?


Re: Ping!

You need to create an additional VLAN on the switch, assign access ports to the VLANs, configure a trunk (802.1Q most likely) between the switch and the router, and configure sub-interfaces (, and perhaps) on the router's physical interface.

You'll have to determine whether your router supports VLANs. Typically, this will have to be a FastEthernet interface (min.).

The two sub-interfaces are used as default gateways for the two VLANs. Hosts use the gateway address within their Network ID, and the router facilitates inter-VLAN routing. Traffic between the two VLANs traverses the trunk twice.

The following document will help with the understanding, even if it is not the exact hardware being used:

Re: Ping!

Thanks. I'll go through the doc. sent.

The requirement is that all teh ports on the switch needs to in VLAN -1 only with two systems having IP addr & The router's IP [eth IP ] being With these, I need to get the two PCs communicate.

Re: Ping!

Your original post did not state that all systems needed to be in the same VLAN.

With the existing network masks, each host will determine that the other is not on its network, and that the services of a router are required to communicate with the other host.

One of your hosts has a default gateway, the other does not. That is the key issue you have to overcome.

You could change the network mask to /22 to create a supernet address range ( - Then the hosts would not need to use the router to communicate with one another. This would require configuration of a new mask on all interfaces though.

FYI: A /23 mask would have only facilitated and, which would have required re-addressing of the devices.

Re: Ping!

I did try that out & it did work. So, does that mean, it is not possible to have the two systems communicate if they are in /24 network ?

Re: Ping!

We usually have a single subnet per VLAN ? Is there any possiblity of having multiple subnets over a single VLAN ?

Re: Ping!


A VLAN is a single broadcast domain.

Multiple subnets means multiple broadcast domains, and that a routing function would be required to facilitate communication between hosts in separate subnets.

Re: Ping!

A host with 192.168.2.x/24 will apply its network mask to its own IP address and the address of the host it is trying to reach (192.168.1.x), and compare the results.

Since "192.168.2" is not the same as "192.168.1", it will conclude that the other host is not directly reachable, and therefore the services of a router are required.

Since the host is not configured with a default gateway on network, it will drop the packet.

This will be my last response for the day.

Best Regards,

Re: Ping!

Thank you!

How do I configure at the router end ? I mean to have systems in both the subnet communicate with each other.

Hall of Fame Super Silver

Re: Ping!

I am not sure that we have a full understanding of the requirements in Deepa's situation. And while it is generally the optimum implementation to have a one to one relationship between subnet and VLAN it is possible to have 2 logical subnets within the same VLAN.

On the router you already have

ip address

you would add this to the interface configuration

ip address secondary

the use of secondary address on the router will allow both logical subnets to function on the same router interface and in the same VLAN.

As Michael was pointing out, we tend to make some assumptions about subnets and their behavior and their advantages which are based on behaviors when each subnet is a separate broadcast domain. In this case some of these assumptions would not be true. It looks like the machine at is separated from the machine at but in reality they are not.

Deepa was very specific that each host should have a /24 mask. I wonder why this is? It introduces a mismatch between the appearance of the subnet and the reality of the VLAN. What would be the problem is they were both configured with a /22 mask?



Re: Ping!

I stand corrected.

As stated, the use of the "secondary" interface command would apparently resolve his need.

The /22 mask was a side experiment that showed that the hosts would be able to communicate directly (without router assistance) when the mask placed them on the same Network ID.

I wasn't suggesting he should do it, just that if it were done, he would bypass the issue that hosts on did not have a gateway to facilitate communication with

Re: Ping!


Thanks to both of you!

I tried changing the ubnet mask & it did work earlier but since I was asked to retain the masks as /24 I across the network & make it work.

I did configure the secondary IP address & could enable the communication between the two subnets.

Thanks once again.

I've one last question. When do we come across situations when we require to configure the secondary IP address in real-time environment ?