Cisco 2500 Switch and Win 2k3 DHCP server on two VLANs

Posted on 2009-04-27
Last Modified: 2012-05-06

I'm sitting with an educational project here, where I am required to make two VLANs with one DHCP server.

The two VLANs aren't supposed to be able to see each other, except for the Windows 2003 DHCP server and the Active Directory. This server is supposed to give IP addresses out to both VLANs. Also both VLANs should be able to go on the internet through the WAN port on the Cisco SOHO 91 router.

I have been looking on subnetting, but I'm unsure how to do it. Also IP Helper appears to still not give access to the internet, and Router on a stick gives full access to the other VLAN.

I hope this is understandable, otherwise feel free to fire off any comments.

The current hardware I have is:
2x Cisco 2500 Switches
2x Cisco SOHO 91
1x Win 2k3 DHCP/AD server

Edit: Oh, appears that the site didn't update my question and put it under DHCP as primary. Sorry.
Question by:Qeales

    Accepted Solution

    you need only one switch on which you configure your 2 VLANs and one router to do the inter VLAN routing (router on a stick, explore this example

    then you need to apply your security policies on the router to permit only traffic destined to your AD server to be permitted between the two VLANs (using ACL).

    in order clients from other subnet to reach your DHCP server configure DHCP helper on the router interface (

    Author Comment

    Hello egyptco!

    Thanks a lot for the replies.

    I've looked at my topology and I've come to realize I actually need 3 VLANs. There are only 2 LAN interfaces on the router. Can I somehow pair the two routers?

    Expert Comment

    you need only one interface to route between all VLANs configured on the switch. that's why it's called router on a stick;) you configure the port connected to the switch as trunk. you didn't check the above given example, did you:)

    but yes you can pair your two routers if you'd like. it depends what kind of topology you'd need e.g. you should use all your devices to achieve more complicated routing lab. but for purposes of interconnecting 3 VLANs you need basically one router and one switch (or only switch with routing capabilities). actually after i've checked 2500 are not switches but routers!

    Author Comment

    Hello egyptco!

    Yes, I have meant 3500 switches all along, but I take it that is the same.

    After reading through the links you provided, it looks like everything is there! Thanks a lot!

    Consider the question solved ;)
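
An added example, not part of the thread and not taken from the links the expert referenced: a router-on-a-stick configuration that combines the three pieces named in the accepted solution (802.1Q subinterfaces on one trunked port, `ip helper-address` for DHCP relay, and ACLs that limit inter-VLAN traffic to the server). The interface name, VLAN IDs, subnets, the server address 192.168.30.10 and the ACL names are assumptions; WAN and NAT configuration is omitted.

```cisco
! Constructed addressing (assumptions, not from the thread):
!   VLAN 10 clients 192.168.10.0/24, VLAN 20 clients 192.168.20.0/24,
!   VLAN 30 servers 192.168.30.0/24, DHCP/AD server 192.168.30.10.
! The switch port facing this interface must be an 802.1Q trunk.
interface FastEthernet0/0
 no ip address
 no shutdown
!
interface FastEthernet0/0.10
 encapsulation dot1Q 10
 ip address 192.168.10.1 255.255.255.0
 ! Relay client DHCP broadcasts to the server as unicast
 ip helper-address 192.168.30.10
 ip access-group VLAN10-IN in
!
interface FastEthernet0/0.20
 encapsulation dot1Q 20
 ip address 192.168.20.1 255.255.255.0
 ip helper-address 192.168.30.10
 ip access-group VLAN20-IN in
!
interface FastEthernet0/0.30
 encapsulation dot1Q 30
 ip address 192.168.30.1 255.255.255.0
!
ip access-list extended VLAN10-IN
 ! DHCP DISCOVER arrives from 0.0.0.0 to 255.255.255.255, so it needs
 ! its own permit before the subnet-based rules
 permit udp any eq bootpc any eq bootps
 ! Only the DHCP/AD server is reachable across VLANs
 permit ip 192.168.10.0 0.0.0.255 host 192.168.30.10
 ! Block every other internal subnet, VLAN 20 included
 deny   ip 192.168.10.0 0.0.0.255 192.168.0.0 0.0.255.255
 ! Everything else (internet-bound) is allowed
 permit ip 192.168.10.0 0.0.0.255 any
!
ip access-list extended VLAN20-IN
 permit udp any eq bootpc any eq bootps
 permit ip 192.168.20.0 0.0.0.255 host 192.168.30.10
 deny   ip 192.168.20.0 0.0.0.255 192.168.0.0 0.0.255.255
 permit ip 192.168.20.0 0.0.0.255 any
```

Rule order matters here: the server permit must precede the broad deny, and because the ACLs are applied inbound on the client subinterfaces, the server's return traffic is not filtered by them.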
