Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

VLAN setup

I'm new to this so please forgive my ignorance. My question: How can I set up two VLANs that maintain security between the two (VLAN1 cannot access VLAN2 and vice versa). We have a Cisco 1721 router (ver 12.3) and a HP Procurve 2524 switch. Do I have to configure both the switch and router for this, i.e. both router and switch have the same VLAN configuration? I would appreciate any config examples, help or advice you can give.


Re: VLAN setup


welcome to the forum. Now about your questions: if you want to separate VLANs you do not need a router.

two VLANs are separated in a switch and can only communicate with each other through a router.

Please refer to your HP documentation on how to setup two VLANs in a HP switch.

For a Cisco router you can setup two VLAN subinterfaces and control connectivity through access-lists.

In the example below VLAN 10 and 20 will not communicate but all other traffic is allowed.

interface FastEthernet0

no ip address

interface FastEthernet0.10

description VLAN 10

ip address

encapsulation dot1q 10

ip access-group 110 in

interface FastEthernet0.20

description VLAN 20

ip address

encapsulation dot1q 20

ip access-group 120 in

access-list 110 deny ip

access-list 110 permit ip any

access-list 120 deny ip

access-list 120 permit ip any

Hope this helps! Please rate all posts.

Regards, Martin

New Member

Re: VLAN setup

Thanks for the help! I appreciate it!

CreatePlease to create content