cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
354
Views
0
Helpful
8
Replies

vlan routing going out thru the router setting

ddicky
Level 1
Level 1

How should I set my router inorder to allow 2 network going out thru the router and my router ethernet is connecting back to L3 switch which is doing all the routing.

For etc my network 192.168.1.x & 192.168.2.x. The router ethernet is on 192.168.1.x.

Any advise on the setting.

8 Replies 8

rwiesmann
Level 4
Level 4

Hi

Make a Default Route on the L3 Switch pointing to the router. I guess you try to

go to internet via this router?

On the router you just have to add a static route for the 192.168.2.x Network

which points to the L3 Switch. The 192.168.1.x is known by the router because it is directly connected.

If i understand you problem correct that's should be it.

Regards

Roger

ddicky,

I don't know if you had a chance to see my reply to this question when you asked it in the "LAN Switching and Routing" section, under "accessing thru router from multiple vlan". But just in case you missed it, here's a link:

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40.ee9abad/0#selected_message

It says the same thing that Roger said, only not as short and to-the-point.

Hi response from you guys certainly help me out.BTW if I would like to control only 3 partilcular ws under the segment 2 to access thru my router,how should I go with it?Can the access-list be in control blocking on the router or the L3 switch.

hi

If you only like to have access from three workstations i would either use

just three static host routes or an ACL.

If you make a good addressing scheme you probably could even group the

host which you need to forward and you can then include all the hosts in one static route.

I would prefer the a setup with three static host routes, this way you only forward traffic for the needed hosts the rest will be dropped and there is no need to forward it and then drop it anyway. Hope i did understand you question

correct.

Roger

thks it make sense from your explanation.How should I configure it from the router for etc I would like to allow just 2 ws 192.168.2..1 & 192.168.2.2 to go thru and as I mention my router ethernet IP are 192.168.1.1.Pls advise

Hi

Just add on the router the two host routes pointing to the L3 Switch instead of

the hole network.

Like:

ip route 192.168.2.1 255.255.255.255

ip route 192.168.2.2 255.255.255.255

In addition you can also apply a ACL on the router

Roger

Hi thks i got it works.

BTW how should the ACL should be if I would like to apply acl on it base on the same requirement.2 ws.

hi

There are different way you can implement an ACL. First of all in or out on

an interface. Second you can eather filter by source only or also based on source and destionation ip. You even could go further on port level.

But i guess you like to access the internet from this ws. and only allow this ws?

Then you can uses a standart ACL only based on source ip's because you do

not know the addresses out there.

access-list 10 permit host 192.168.2.1

access-list 10 permit host 192.168.2.2

If you also like to allow segment 1 add:

access-list 10 permit host 192.168.2.1

access-list 10 permit host 192.168.2.2

access-list 10 permit 192.168.1.0 0.0.0.255

Apply the ACL incoming on the router on the interface.

Hope that helps

Roger

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: