Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Set up Vlans with just 2-3508's and 14-2950's - no routers

Can you vlan just by using the 3508's/2950's switches without a router (I want 3 vlans on 1 network segment). Is this possible, and if it is could someone point me towards some documentation that would give me specifics on how to set this up ?

What I have is 7 servers, 20 printer, 10 or 11 individual workstations (for different reasons) that run static IP addresses in the range of 10.100.0.xxx with a Mask of 255.255.0.0

Right now my dhcp server issues addresses in a range of 10.100.128.1 to 10.100.254.254 with a Mask of 255.255.0.0 - This is all Faculty, Staff and Lab computers. This is virtually everyone that is recieving a DHCP address (excluding statics of course).

I have 750 students we want to give internet access to. I want to keep them away from my servers and faculty workstations.

I would like to put the server farm on a different Vlan.

Put the Faculty and staff on another Vlan

Put the students on a seperate Vlan (so they could never see the faculty computers).

Again Is this possible without another router just my 2-3508's and my 14-2950's

Thanks rjm

1 REPLY

Re: Set up Vlans with just 2-3508's and 14-2950's - no routers

Hi,

I'm not sure if I understand correctly your plans.

But generally:

You can separate your students, faculty and servers putting them to different VLANs using just switches.

You need a separate DHCP server (or using static IP addresse) in each VLAN then.

But any time you want to interconnect VLANs you need a router.

You can use ACLs (Access Control Lists) on the router to filter traffic between VLANs. You can permit the Faculty to access the Server VLAN, e.g., and deny the students to access it. And you can permit anybody to connect to the Internet, e.g.

You can even use one DHCP server for all VLANs (using IP helper command on the router) giving each VLAN IP addresses from different IP address range.

Read http://www.cisco.com/warp/public/473/lan-switch-cisco.pdf for basic VLAn explanation, http://www.cisco.com/warp/public/473/50.pdf for interVLAN routing, http://www.cisco.com/warp/public/473/100.pdf for DHCP server details.

Regards,

Milan

107
Views
0
Helpful
1
Replies