Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

basic configuration

Hi i have a network basic design.Actually we have a router,one core swtich and 29 access swtiches.All the access swtiched connecting to core swtich via Fibre.Here the user id only going to connect to internet.Please provide what the informations need to be configured in router,core switch and access switch and also the routing required to the access internet.And natting rule if required.Please help me as this is very urgent.Thanks in advance.

6 REPLIES

Re: basic configuration

Hi Friend,

Let us know the model number of the core and the access layer switches.

To fit in this design let us start with the access layer first.If we are running multiple vlans on the network access layer then you have to trunk the interface connecting to the core switch. You have to configure inter-vlan routing on the core switch, if its a layer 3 switch.Otherwise we have to set it on router.

Once we have all the intervlan-routing working fine, then point a default route towards the router connected to the core switch.

conf t

ip route 0.0.0.0 0.0.0.0

You also have to add the reverse routes for all the vlans on the router to forward the traffic back to the vlans.

conf t

ip route x.x.x.0 255.255.255.0 --> where x.x.x.x is the vlan ip range

Then the last and the final this is to configure the NAT on teh router to allow the internal ip addresses to be PAT on the outside interface to a global IP. Please follow the link below of Dynaimic NAT configuration.

http://www.cisco.com/en/US/tech/tk648/tk361/technologies_tech_note09186a0080093f31.shtml

HTH, Please rate if it does.

-amit singh

Community Member

Re: basic configuration

Wireless access point is going to be connected in all access switches.User are going to use wireles network.

sice the user is going to access only internet is there a necessity to create vlan or we can use 172.16.1.0

/23 mask as there is 336 Access point coming in.

what ip address should be configured in router faEth and the core switch connecting the router

Re: basic configuration

Hi Friend,

If you have a huge network, i would suggest you use Vlans and have you user traffic separated as per the different departments on the network. This will give your layer2 Vlan security, broadcast containment of the local vlan within the segment, more control on the routing and network resource access, control on the users accesbility over the network. Connect the AP's using as trunk ports to the switches and have the users work in their respective vlans.

You can configure different vlan Ip address segment as you like.The IP address on the router interface and the core switch has to be a separate subnet it will be another private range of Ip addressing. for example 192.168.1.1/24 on the router interface and 192.168.1.2/24 on teh core switch interface.

HTH, Please rate if it does.

-amit singh

Community Member

Re: basic configuration

Amit still to be more clear this project is for a residential buliding where they provide internet connectivity.Suppose if i say i create a vlan for first 15 floors and the remaining another vlan.Say vlan1 and vlan2.I will create two vlan interface on the core switch and i will assign the trucnk port for first 15 floors in VLAN2 and remaining in VLAN 3.Also route both vlan interface traffic to router serial interface.Am i right?Correct me if i am wrong.

Thanks

Re: basic configuration

Hi friend,

You are closer to it. The way it will work is that you will assign the switch ports to their respective vlans that you want. Then configure the ports on the core switch connecting to the access switch as trunk ports.

conf t

int fa x/y

switchport trunk encapsulation dot1q

switchport mode trunk

If your Core switch is a layer 3 switch, then you have to just create the Switch virtual Interface (SVI) i.e layer3 interfaces on the switch like

conf t

ip routing

int vlan 1

ip address x.x.x.x y.y.y.y

no shut

int vlan 2

ip address z.z.z.z c.c.c.c

no shut

This enable routing between the vlans on the switch.

If your core switch is layer 2 only then we have to do inter-vlan routing on the router. Just configure the port connected to the router as trunk port on the switch and then configure the sub-interfaces on the router like

conf t

interface fa 0/1.1

encapsulation dot1q 1

ip address x.x.x.1 255.255.255.0

no shut

interface fa 0/1.2

encapsulation dot1q 2

ip address y.y.y.1 255.255.255.0

no shut

This will take care of the routing part on your whole network. then configure the NAT and you will be good to go.

Please read the documentation below of more insight to it.

http://www.cisco.com/en/US/tech/tk389/tk390/technologies_configuration_example09186a00800949fd.shtml

This will come handy for sure.

HTH, Please rate if it does,

-amit singh

Community Member

Re: basic configuration

Amit it really helped me a lot.Thanks.Last and final question.If the serial interface has the public ip and the privte traffic has to be routedDo we have to use any routing protocol.Say if the serial interface connectiong to internet has 200.1.1.2. and the internal is as said before.

Thanks

185
Views
0
Helpful
6
Replies
CreatePlease to create content