Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
555
Views
0
Helpful
2
Replies

Title: Setting up separate subnets for workstations and servers

tomwsimon
Level 1
Level 1

‎11-12-2006 03:24 PM - edited ‎03-05-2019 12:45 PM

I would like to setup my two Cisco 3560 switches with separate subnets for workstations, servers, and VPN clients (ISA Server). The switches will be connected via a Cisco SFP Interconnect cable.

Do I need a VLAN for each subnet? If I setup 10.0.1.0, 10.0.2.0, and 10.0.3.0 I will need a subnet mask of 255.255.0.0 for each subnet to talk to each other, correct? How do I configure the switches to talk to each other using the cable? Is there a good guide to setting up the switches in this manner?

I really don't want overkill. I simply need to expand the range of IP addresses available to all computers, and segmenting by subnet makes the most sense to me. I am new to Cisco, so pointing me in the right direction is all I ask.

Thanks!

Labels:
0 Helpful
2 Replies 2

glen.grant
VIP Alumni
VIP Alumni

‎11-12-2006 04:26 PM

If you use only a 16 bit mask 255.255.0.0 then the addresses you have specified are all in the same subnet . To be in separate subnets you would need to use a /24 . You would then need to create your layer 2 vlans on one switch and also the layer 3 SVI , then create a trunk across the sfp connection to carry those vlans to the 2nd switch . If you want to manage the 2nd switch then you would have to give it an address on a layer 3 SVI and give it a default gateway. Finally put the ports in the correct vlan . The config would look something like this .

conf t

vtp mode transparent

vtp domain test1

vlan 2

vlan 3

exit

Interface vlan 1

ip address 10.0.1.1 255.255.255.0

interface vlan 2

ip address 10.0.2.1 255.255.255.0

interface vlan 3

ip address 10.0.3.1 255.255.255.0

Trunk ports on "both" switches

switchport

switchport encapsulation dot1q

switchport trunk native vlan 1

switchport trunk allowed vlan 1,2,3

switchport mode dynamic desirable

--------------------------------------------

2nd 3560

conf t

no ip routing

vtp mode transparent

vtp domain test1

conf t

vlan 2

vlan 3

interface vlan 1 -- to manage the switch only

ip address 10.0.1.2 255.255.255.0

ip default gateway 10.0.1.1

0 Helpful

tomwsimon
Level 1
Level 1
In response to glen.grant

‎11-12-2006 06:09 PM

Thanks for the very helpful post. I obviously have a lot more learning to do. It appears you have left off a few commands that Cisco veterans take for granted. :)

Thanks again.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card