Cisco Support Community
Community Member

Internet Connectivity Without LAN Connectivity

Can anyone advise what the best approach to the following hypothetical scenario would be :-

An organisation has 20 workstations each of which requires internet access, but none of which requires connectivity to any of the other workstations.

The obvious solution of a router and a switch would mean that the workstations were connected at Layer 2 and all on the same subnet. To use VLANs would seem a cumbersome solution as 20 separate VLANs would be needed.

Are there routers or router modules that would supply the 20 necessary Ethernet ports required to keep all the workstations on separate networks ? (Though this seems a cumbersome solution too).

Or, is there no practical way around this problem and the 20 workstations should just be connected to a single switch, and a router used to provide internet connectivity to the LAN ?

Thanks in advance for any advice.


Re: Internet Connectivity Without LAN Connectivity

Private VLAN seems a good option for your need.

Under Primary VLAN you can create 'isolated VLAN' which prevents hosts on a vlan from talking to each other.



Re: Internet Connectivity Without LAN Connectivity

This functionality is present on most switches we have out at this time. The two features that will give this functionality are:

-Protected ports

-Private VLANS

Higher-end switches support private VLANs, where lower-end switches support protected ports. When setting up private VLANs, you'll look to put your hosts in an 'isolated' PVLAN, where they'll be able to talk to the 'promiscuous port'(router), but not each other. On protected ports, you'll just configure 'switchport protected' on the ports you dont want to have L2 connectivity.

If you're looking to put a 3560/3750 on-site, you'll want to look at this:

For a 2960, look here:

If you're using a HWIC-4ESW or a HWIC-9ESW in an ISR router, you can look here:

Community Member

Re: Internet Connectivity Without LAN Connectivity

Many thanks for both replies, these have been very helpful. Incidentally, I was wondering if there is any Cisco documentation available on the web-site that describes how to choose the best Cisco equipment for particular networking scenarios. I am studying for my CCNA and things like access, distribution, and core switching layers are more at the CCNP level.

Are there certification exams or any Cisco Press books which cover this ?

CreatePlease to create content