Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Redirecting traffic from VLAN

Hi,

We have two VLAN's

VLAN 1-192.168.18.0/24 (with secondary addressing)

VLAN 2-192.168.130.0/27

In order to migrate services to new hardware in VLAN 2, we need to divert traffic or at least determine what devices within VLAN 1 are still trying to talk to legacy VLAN 1 device?

Host routes won't work (directly connected interfaces), nor NAT (no interface to apply it to).

Is the only way to determine this via a VACL in VLAN1 with logging keywords?

Thanks,

Mark

2 REPLIES
Silver

Re: Redirecting traffic from VLAN

Can you SPAN the port connecting to the legacy device and see which hosts are talking to it?

New Member

Re: Redirecting traffic from VLAN

William,

Thanks for your reply.

I tried the VACL logging feature and it works ok, as long as you deny the packets/flows that you want to log!

I had forgot about SPAN alright.

I was wondering have you any thought on NAT and VLANS?

As in my original post, say we have a legacy vlan and hope to segment that vlan into multiple vlans/subnets as hosts get re-addressed.

Where are 'ip nat outside' and 'ip nat inside' statements required when doing this.

Example:

!

interface GigabitEthernet5/1

description Incoming Interface

ip address 172.16.1.106 255.255.255.252

ip nat outside

end

!

!

interface Vlan888

description Legacy Test VLAN

ip address 172.16.8.19 255.255.255.0

end

!

!

interface Vlan889

description DESTINATION-TEST-SVI

ip address 172.16.30.3 255.255.255.224

ip nat inside

end

!

!

ip nat inside source static 172.16.8.108 172.16.30.21

!

Is this wrong?

Thanks,

Mark

116
Views
4
Helpful
2
Replies