• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 525
  • Last Modified:

VLAN to include existing network

Hopefully someone can help with a question about upgrading an existing network.  I have inherited a couple of separate networks and one of them will be adding WAPs soon and will want traffic split on those for business traffic and guest traffic.  So the thought was to segment the network into VLANs as there are no such thing there now. But there is an older network that is completely self contained now, with no managed switches, that would need to be able to communicate with the WAPs as well.  I do not have control of this network, so switch purchases and changes are not easily done.  So my question, if I setup a VLAN specifically for this other network on the newly configured managed switches, is there a way to connect to it and have 2-way communication with it?  Hoping for some way to tag all traffic between that old unmanaged network and the new segmented one.  And have a cable that connects the 2 so that I can treat it as another subnet.  Thanks for any advice.
4 Solutions
You should consider all traffic coming from the old network to ONE SINGLE port of your new un-managed switch (via the cable you mentioned above) as traffic coming from one single computer. Of course you can create a VLAN for this single port. The switch will tag all traffic coming to this single port and the router connected on your Trunk port on the managed switch will deal with the routing among VLANs.
SIDESHOWBLAHAuthor Commented:
I would need to create a VLAN for the single port on my side so that I could limit what traffic was passed from the unmanaged network over to my network, right?  Or will that jsut work, because his traffic will be tagged regardless?  Plus his IP subnet will be different from everything on my side of that "cable"
First of all it's not a problem that other network (3rd VLAN) would be at a different subnet.
What you would need would only the proper routing table at your router.
The traffic from the old network will reach your managed switch at the specified port. What policy you apply on this traffic based on the VLAN id applied by your switch is on you. You could e.g. apply threshold on BW consuption.
You should consider all traffic coming from the unmanaged network as one single vlan and connect it to a port on the managed switch. The port on this managed switched should be configured for Q-in-Q and it is important that non of the vlans on the unmanaged switch exist on the managed switch. For example; on the managed switch

interface FastEthernet1/0/3
description ****
switchport access vlan 103
switchport mode dot1q-tunnel
duplex full
speed 100
no mdix auto
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp

This means that all vlans on the unmanaged switch will now be addressed as vlan 103 on the managed switch and vlan 103 must not exist on the unmanaged network.

Hope this helps

This is very simple to achieve.
On your newly configured managed switch configure one port for VLAN you will be using for connection between older network (unmanaged switch) and segmented network.

If this managed switch is L3 switch, create L3 interface in that VLAN. Interface subnet should be the same as older network subnet. This IP address will be used as default gateway in older network to reach WAP networks and vice versa.

If your switch is not L3 switch you have to configure IP address on your central L3 device and trunk VLAN to that device.

Here is example what to do if you have L3 managed switch:
VLAN 10 - older network VLAN - older network subnet
Gi 0/24 - interface to connect unmanaged switch


interface Gi 0/24
  description --Interface toward older network--
  switchport mode access
  switchport access vlan 10
  no shutdown
interface vlan 10
  description --default gateway for older network--
  ip address
  no shutdown

Preferably, all hosts in older network should have address as default gateway to reach WAP subnets.


Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now