Re: Network Routing

londint · ‎07-03-2002

I have 2 networks attached to a VLAN e.g. 172.15.0.0/16 and 10.22.37.0/24. On each workstation I have a default gateway to 172.15.2.100 which is also a firewall. I usually have to enter a static route on this workstations to get to the 10.22 network and other network and this is becoming laborious. I would really like to do this on the router once and for all. But when I enter

- ip route 10.22.0.0/16 10.22.37.254 ( HSRP on the VLAN ) - it says this is this router address.

Please how do i route traffic for the workstation going to the 10.22 and other network on the router. Will i have to use access - list. And if i do, is the following correct

access-list 10 permit 10.22.37.0 0.0.0255 172.15.0.0

access-list 10 permit 172.15.0.0 0.0.255.255 172.15.2.100

and apply it as

access-group 10 in or out on the VLAN interface?

This is so that when users request for a 10.22 network address, they get sent to the router and not trying to go out via the 172.15.2.100 address

Your help is highly appreciated.

faheyd · ‎07-03-2002

I'm a little put off the track with the HSRP on the VLAN thing, but in any case, for the VLANs to speak to eachother, you have to route between them. One way is to use 'sub-interfaces' on your router. See http://www.cisco.com/univercd/cc/td/doc/product/lan/cat5000/rel_5_2/layer3/routing.htm#xtocid302342 , http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sft_6_1/configgd/routing.htm and http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/ios127xe/config/vlans.htm .

This is initially a high learning curve in the beginning but once set-up makes perfect sense. READ READ READ. How a VLAN packet is encapsulated is most important.

Once you have the VLAN routing working, then you can play with Access-lists.

Have fun!