Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VLAN question

is it possible to have a static ip address device connected to a vlan without the vlan ip address assigned. im trying to have all network traffic go to this particular device.

13 REPLIES
New Member

Re: VLAN question

it would be nice to know what type of device you are talking about. if you are using a switch running IOS then yes you can connect a device to a switchport in a vlan and not have the interface have a ip address assigned to it.

New Member

Re: VLAN question

the device that will be connected is a skyX gateway for tcp acceleration. how would i make all the traffic flow through this device. current config attached. the port is fa1/0 where the device resides. Is this possible to have all traffic be routed through fa1/0???

New Member

Re: VLAN question

so you are wanting all traffic coming in to this router from every interface to get routed to the accelerator? if that is correct do they not support something like wccp redirection to force the traffic there? otherwise you may want to have a default route from the route to point to the fa1/0 (this is not a clean way though I would not think).

New Member

Re: VLAN question

the router platform is a 2800 series and i am unsure if it supports the wccp feature. How would i make a default route to direct the traffic through the device? Or how would i configure wccp? what is the best method for what i am trying to do?

New Member

Re: VLAN question

If you WANT to configure WCCP, here's a short primer: http://articles.techrepublic.com.com/5100-1035_11-6175637.html

I wouldn't think this would be necessary if you are just using the gateway as a web proxy. If you're running a Windows network, you could just push down a group policy with the proxy settings to all of your users. If you want absolutely all outbound traffic diverted to this gateway, then you could configure the default route to point to it:

ip route 0.0.0.0 0.0.0.0

New Member

Re: VLAN question

would i delete the ip classless from my config? what command could i use to diagnose that the traffic is flowing to the right port.

New Member

Re: VLAN question

would i delete the ip classless from my config? what command could i use to diagnose that the traffic is flowing to the right port.

New Member

Re: VLAN question

If you are running only strict class A B or C networks, you shouldn't need ip classless on your router. If you are further subnetting any class A B or C networks, then you must use IP classless.

If the skyX gateway is between your outbound router interface and the internet then you know the traffic is going through it. If the skyX gateway is networked on the same subnet as the outbound router interface and your default gateway and the new default route has been configured, then all outbound traffic will flow to the skyX gateway.

New Member

Re: VLAN question

could you give me an example of how this config of the interfaces? i listed a config on the prior post. could you help on routing traffic to the fa1/0 port.

New Member

Re: VLAN question

If all of fa1/1 - 8 are configured to switchport access vlan 1, then you would have to ip your "interface vlan 1" on your router to the same subnet as your hosts on the fa1/1 - 8 ports. Configure this IP address as the default gateway on your hosts. The default route that I gave you earlier will push all traffic destined for an IP network not known to your router's route table through to the skyx accelerator.

If you would like to use a different vlan than 1, just replace all instances of "vlan 1" with "vlan x". Another thing you could do is put the hosts and the skyx gateway device on the same subnet and vlan and use the gateway as your default gateway on your hosts. If you are still having problems, post your current config.

New Member

Re: VLAN question

here is the current config. the sxy x is fa1/0 where all traffic needs to go through.

interface FastEthernet0/0

description unsecured test configuration

no ip address

duplex auto

speed auto

bridge-group 50

!

interface FastEthernet0/1

no ip address

duplex auto

speed auto

bridge-group 50

!

interface FastEthernet1/0

description "ACCELERATOR"

switchport access vlan 100

!

interface FastEthernet1/1

description "DV2"

!

interface FastEthernet1/2

description "STAFF4"

!

interface FastEthernet1/3

description "STAFF2"

!

interface FastEthernet1/4

description "DV1"

!

interface FastEthernet1/5

description "STAFF3"

!

interface FastEthernet1/6

description "STAFF1"

!

interface FastEthernet1/7

description "CSOSTATION"

!

interface FastEthernet1/8

shutdown

!

interface FastEthernet1/9

shutdown

!

interface FastEthernet1/10

shutdown

!

interface FastEthernet1/11

shutdown

!

interface FastEthernet1/12

shutdown

!

interface FastEthernet1/13

shutdown

!

interface FastEthernet1/14

shutdown

!

interface FastEthernet1/15

shutdown

!

interface Vlan1

no ip address

bridge-group 50

!

interface Vlan100

ip address 10.10.11.1 255.255.255.0

!

interface BVI50

ip address 10.10.10.2 255.255.255.0

!

ip classless

!

ip http server

!

!

control-plane

!

bridge 50 protocol ieee

bridge 50 route ip

!

line con 0

password 5152

login

line aux 0

line vty 0 4

privilege level 15

password 5152

login

transport input telnet

line vty 5 15

password 5152

login

transport input telnet

!

scheduler allocate 20000 1000

!

end

SIPRNet#

New Member

Re: VLAN question

Throw one of your devices on vlan 100 and give it an IP address in that subnet. Set the gateway to your accelerator. Test the connection. I assume there is some way to view connections on the accelerator. If that works, create a user vlan. IP the vlan interface. Make that IP address the default gateway for your users. Place your user interfaces in the newly created user vlan. Enter in the default route in global config mode:

ip route 0.0.0.0 0.0.0.0 10.10.11.2

--Change the 10.10.11.2 to the ip address of your accelerator.

New Member

Re: VLAN question

chris,

Just an idea!

Can we think of having a trunk-port in place of access-port for the device (if at all its NIC supports dot1q) i.e. by making it a trunk port all vlan traffic should pass through this port, isn't it?

Kindly let me know if it is doable/feasible.

--gaurav

165
Views
0
Helpful
13
Replies