07-01-2003 12:05 AM - edited 03-02-2019 08:32 AM
How should I set my router inorder to allow 2 network going out thru the router and my router ethernet is connecting back to L3 switch which is doing all the routing.
For etc my network 192.168.1.x & 192.168.2.x. The router ethernet is on 192.168.1.x.
Any advise on the setting.
07-01-2003 12:40 AM
Hi
Make a Default Route on the L3 Switch pointing to the router. I guess you try to
go to internet via this router?
On the router you just have to add a static route for the 192.168.2.x Network
which points to the L3 Switch. The 192.168.1.x is known by the router because it is directly connected.
If i understand you problem correct that's should be it.
Regards
Roger
07-01-2003 09:14 AM
ddicky,
I don't know if you had a chance to see my reply to this question when you asked it in the "LAN Switching and Routing" section, under "accessing thru router from multiple vlan". But just in case you missed it, here's a link:
It says the same thing that Roger said, only not as short and to-the-point.
07-02-2003 05:13 PM
Hi response from you guys certainly help me out.BTW if I would like to control only 3 partilcular ws under the segment 2 to access thru my router,how should I go with it?Can the access-list be in control blocking on the router or the L3 switch.
07-02-2003 10:43 PM
hi
If you only like to have access from three workstations i would either use
just three static host routes or an ACL.
If you make a good addressing scheme you probably could even group the
host which you need to forward and you can then include all the hosts in one static route.
I would prefer the a setup with three static host routes, this way you only forward traffic for the needed hosts the rest will be dropped and there is no need to forward it and then drop it anyway. Hope i did understand you question
correct.
Roger
07-03-2003 06:05 PM
thks it make sense from your explanation.How should I configure it from the router for etc I would like to allow just 2 ws 192.168.2..1 & 192.168.2.2 to go thru and as I mention my router ethernet IP are 192.168.1.1.Pls advise
07-03-2003 11:37 PM
Hi
Just add on the router the two host routes pointing to the L3 Switch instead of
the hole network.
Like:
ip route 192.168.2.1 255.255.255.255
ip route 192.168.2.2 255.255.255.255
In addition you can also apply a ACL on the router
Roger
07-08-2003 01:57 AM
Hi thks i got it works.
BTW how should the ACL should be if I would like to apply acl on it base on the same requirement.2 ws.
07-08-2003 03:12 AM
hi
There are different way you can implement an ACL. First of all in or out on
an interface. Second you can eather filter by source only or also based on source and destionation ip. You even could go further on port level.
But i guess you like to access the internet from this ws. and only allow this ws?
Then you can uses a standart ACL only based on source ip's because you do
not know the addresses out there.
access-list 10 permit host 192.168.2.1
access-list 10 permit host 192.168.2.2
If you also like to allow segment 1 add:
access-list 10 permit host 192.168.2.1
access-list 10 permit host 192.168.2.2
access-list 10 permit 192.168.1.0 0.0.0.255
Apply the ACL incoming on the router on the interface.
Hope that helps
Roger
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: