C3750 Layer 3 Switching and VLANs

Hi There,

I have the task of installing a new C3750 switch into an existing ip network. The existing network is just running a basic layer2 switching setup with daisy chained switches. They have a HP core switch that will do vlan tagging but will not actually separate networks into VLANs if that makes sense. I am tasked with installing a new L3 C3750 and providing 3 separate VLANs (all with the same IP network (but different masks) - otherwise it means readdressing everything!) and I need to filter traffic out between the VLANs. Has anyone got any example configs on how I can configure these VLANs and the router inside the Switch? Any ACL filtering examples would be greatly appreciated! I am new to VLANS and especially L3 Switches :-/

Thanks

Ryan

Reply to
ryanfinnerty
Loading thread data ...

Hi Ryan,

Can you provide any current sceerion diagram to make the scenerio clear,

Untill now i only understood that you wantto install 3750 Switch as VLAN Tagging Server with restricted access.

Thanks, NETADMIN

Reply to
NETADMIN

Hi,

Thanks for the super fast reply. I think I should take the HP and the VLAN tagging out of the loop first - so ignore the HP. I need to install a new C3750 L3 Switch.

I need to create 3 VLANs, 1x Terminal Servers (VLAN2) , 1x Clients/Workstations (VLAN3), 1x Management (VLAN4). I need to ensure that the Clients can only access the Terminal Servers on TCP3389 and I need to filter out ALL other traffic for getting to the servers. The C3750 will be L3. Can you provide a config example for this.

Also, I will need to enable portfast on the Server ports.

Sorry I am missing out the diagram as it's just a L3 Switch with 3 x VLANS and FIltering - my first post is confusing - so I've simplifed it a little.

Reply to
ryanfinnerty

... ! interface vlan3 ip address ... ip access-group from_clients in ! ip access-list extended from_clients permit tcp any any eq 3389 deny ip any any log !

Reply to
Lutz Donnerhacke

Hi Lutz - thanks a million for the reply - I was looking into VACLs and all sorts - didn't think it was as easy as that! I am just wondering if you could also provide an example on configuring the L3 part of the switch?

Cheers

Ryan

Reply to
ryanfinnerty

Hi Lutz - thanks a million for the reply - I was looking into VACLs and all sorts - didn't think it was as easy as that! I am just wondering if you could also provide an example on configuring the L3 part of the switch?

ip default-gateway gateway IP ip classless ip route 0.0.0.0 0.0.0.0 gatewayIP

Thanks, NETADMIN

Reply to
NETADMIN

You will need to consult the usual configuration guides. They are very good.

Reply to
Lutz Donnerhacke

Hi Lutz..

Is posted snipped-for-privacy@hotmail.com not by me

Thanks, NETADMIN

Reply to
NETADMIN

Try command in global config mode no ip routing and routing between vlans will be disabled

Reply to
milsir

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.