Cisco Support Community
New Member

Help Needed!

A small business that has two locations with roughly 50 users per location.

Site A is the “Corp” office and houses the Accounting (4 people), Marketing (10 people), Sales (10 people) and Design (6 people) teams.

Site B is the “Factory” office and houses the Engineering (20 people), Testing (15 people) and Shipping (10 people) teams.

The Accounting, Marketing, Sales, Shipping and Design teams need to have access to common and separate Database Servers. One server per team, and one shared server.

The Engineering, Testing and Design teams need to be able to have access to common and separate Database Servers. One server per team and one shared server.

The sites are roughly 20 miles apart.

The Corp site needs internet access for the Marketing team's research.

The Factory site only needs access to the Corp site's infrastructure.

Design and diagram a network to accommodate the requirements stated above given the limited information.

Design should use, at the very least: Routing, Subnetting & ACLs.

Can anyone please help me to achieve the above target?

Thanks a ton in advance!


Re: Help Needed!

I am sorry I do not have the time to be more analytic, but I will try to provide some general guidelines:

1) Read the text you just posted, but add the word 'VLAN' on the right of each team name you mentioned (e.g. Engineering VLAN, common VLAN, etc).

2) Normally a VLAN corresponds to a subnet that can accommodate all hosts in the VLAN (consider also any needed router addresses on the same VLAN).

3) Routing between VLANs should be possible since you need also access to common servers, but must be restricted with ACLs to disallow access to VLANs that are not supposed to communicate directly.

4) Routing between sites can be left to simply work without ACLs. Any needed specific policies can be applied at source or destination subnets (on router side interface in VLAN).

5) Exit to the Internet should allow exit for the subnet of the team that is supposed to use the Internet and return traffic for the specific team only.

Ok, it seems I was somewhat analytic. This keeps happening to me :-) Hope I understood your requirements well.

New Member

Re: Help Needed!


Thanks a lot for the information you have provided. I have the same idea to use VLANs. But the task is given with the limited information I have posted.

Can you please help me with commands and configurations to accomplish the task?

It's a challenge and I have to grab the prize :)

Re: Help Needed!

You need to decide on the networks and subnets first. The commands are rather easy and I will have to ask for other regular members to respond in this case if they can, because I am really busy tonight and I cannot analyze this case further (although what I really think is that you should give it a shot yourself to make sure you actually deserve the prize you are about to receive :-)

New Member

Re: Help Needed!


Thanks a ton man!

I can't start anyways, I am veryyy new to networking. :D

Re: Help Needed!

Why does everybody keep calling me a man here? Do not assume you are talking to a man, people!

It seems I have time for puzzles:

"A father and son are in a car. The car crashed. The father died. When the doctor saw the boy, the doctor said: Oh my God, this is my son!" Resolve how this is possible :-)

Needless to say, I was one of the few people that resolved this right away :-)

Re: Help Needed!

You need to do your subnetting work first as I stated previously. Then you create the vlans in switches. Then you assign host ports to vlans (access ports). You also connect router to switch (switch can be L3, but I will assume you have a separate router). You create trunk ports for the connected router interfaces on the switch side. On router side you configure subinterfaces for the corresponding VLANs and assign IP address on those router subinterfaces. You create ACLs according to the policies of your network and typically apply them close to source or destination depending on what fits best. You apply the ACLs to router interfaces or subinterfaces.

Do a search on CCO to see how you can create VLANs, access ports, trunk ports, router subinterfaces for dot1q and ACLs. And try to learn how to subnet.
