1. Home
  2. Cisco Systems
  3. How do I vlan my already subnetted address?

How do I vlan my already subnetted address?

I have an already subnetted group of addresses, 154.225.66.176 / 28 to be exact. That's 14 addresses to work with and I can't obtain more. Now I am realizing that I want to isolate traffic and split it so that one group doesn't see the traffic of the other group. I don't need to route traffic between the two new vlans. I want to stick only a few of machines on one vlan and the rest on another. How do I do this and program this on my cisco switch? Please keep in mind I can't obtain another pool of ip addresses, this is all I have to work with. Here's my current device / ip address list:

154.225.66.177=router

154.225.66.178=switch

154.225.66.179=pc 1

154.225.66.180=pc 2

154.225.66.181=printer

154.225.66.182=printer

154.225.66.183=printer

154.225.66.184=pc 3

154.225.66.185=access point

154.225.66.186=pc 4

154.225.66.187=pc 5

154.225.66.188=pc 6

154.225.66.189=pc 7

154.225.66.190=pc 8

vlan1 will include (177 to 185) and vlan2 will include (186 to 190).

Thanks!

Reply to
Marshall Lymer
Loading thread data ...

On 24.04.2005 13:51 Marshall Lymer wrote

If there is no need for both Vlans to talk to each other, simply make two Vlans and put each port into the correspondant vlan. Done!

As you didn't tell us what switches you are using (CatOS or IOS) I can't give you any implementation advice.

Arnold

Reply to
Arnold Nipper

Reply to
Marshall Lymer

On 24.04.2005 17:09 Marshall Lymer wrote

! ! VLAN 10, ports .177 to .185 ! interface range FastEthernet 0/1 - 9 switchport access vlan 10 ... ! ! ! VLAN 11, ports IP .186 to .190 ! interface range FastEthernet 0/10 - 14 switchport access vlan 11 ... !

Note that PCs in VLAN 11 don't have access to the router as this router is in VLAN10.

Arnold

Reply to
Arnold Nipper

Thanks. That was easy enough. Now since you say that the router is in VLAN

10, the PCs in VLAN 11 obviously won't have access to the router. I don't want to implement interVLAN routing, but there must be a way to make the port that has the router attached to the switch (on ours its fa0/24) part of both VLANS so that the PCs in VLAN 11 will be able to get to the router.

Thanks again! You've been helpful.

Reply to
Marshall Lymer

On 24.04.2005 18:42 Marshall Lymer wrote

Make the router port a trunk port, and configure subinterfaces on the router. But be aware that the IP config then looks very ugly.

Arnold btw: Your email adress bounces ...

: host sdsu.edu[130.191.229.14] said: 550 5.1.1 ... User unknown (in reply to RCPT TO command)

Reply to
Arnold Nipper

Arnold,

Assuming that this config used sub-interfaces on the same router, wouldn't another IP address be required for the 2nd sub-interface.

I have never seen a config where 2 x sub-interfaces were part of the same network range. Would this be valid - just wanted to clarify to help my understanding.

Regards

Darren

Reply to
Darren Green

On 24.04.2005 20:39 Darren Green wrote

usually that would be the way you do it.

No, you (still) can't do that. But maybe you can

  • leave the 2nd sub-interface un-numbered
  • turn on proxy-arp
  • route each PC's address to the 2nd sub statically

as said, very ugly, but it might work,

Arnold

Reply to
Arnold Nipper

On 24.04.2005 13:51 Marshall Lymer wrote

You might also want to look into the Private VLAN feature

formatting link

Arnold

Reply to
Arnold Nipper

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.