?
Solved

Creating 2 separate networks

Posted on 2012-08-28
7
Medium Priority
?
755 Views
Last Modified: 2012-08-31
Hello,

I have a environment that needs to be separated into 2 networks that network A can not talk to network B but can still both have internet access. There are about 10 computers on both sides.  They are using a adtran netvanta 3200 for their router.  Looking for options. Vlan? A way to subnet them?
Also they do not have a server.

Thanks,
JandS
0
Comment
Question by:jands
  • 3
  • 3
7 Comments
 
LVL 25

Accepted Solution

by:
Ken Boone earned 2000 total points
ID: 38342515
If the netvanta has 2 ethernet interfaces you can cannot 1 ethernet interface into a swithcport in vlan A and then, the other ethernet interface into a switchport in vlan B.  Then you would need an ACL on the netvanta to prevent vlan A from talking to vlan B and vice versa.  One switch you would simply have layer 2 switchports either in vlan A or vlan B.

Yes they would be 2 different subnets.
0
 

Author Comment

by:jands
ID: 38342539
I beilve it only has one interface.
0
 
LVL 25

Expert Comment

by:Ken Boone
ID: 38342595
Sorry, mean to add that if it only has 1 interface you should be able to configure it as an 802.1q trunk in which you will trunk 2 vlans over the one interface between the router and the switch.  So its doing the same thing - but using 1 ehternet port.  Its refered to as router on a stick.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 22

Expert Comment

by:Reid Palmeira
ID: 38343286
On the 3200's you can setup two different vlans, and as already noted, create subinterfaces and split them off onto different VLANS. Remember to setup the swtich port as a .1q trunk.

You can then also setup the ACL's in the router to explicitly block traffic. Something like the following

interface eth 0/1.5
  description DATA
  vlan-id 5
  no shutdown
  ip address 192.168.1.1 255.255.255.0
  access-policy PRIVATE
  qos-policy out OUT
!
interface eth 0/1.10
  description VOIP
  vlan-id 10
  no shutdown
  ip address  10.10.10.1  255.255.255.0
  access-policy PHONES
  qos-policy out OUT

ip access-list extended NAT-PHONES
  deny ip 192.168.1.0 0.0.0.255 10.10.10.0 0.0.0.255
  permit ip 10.10.10.0 0.0.0.255  any    
!
ip access-list extended NAT-PRIVATE
  deny ip 10.10.10.0 0.0.0.255 192.168.1.0 0.0.0.255
  permit ip 192.168.1.0 0.0.0.255 any

ip policy-class PRIVATE
  nat source list NAT-PRIVATE interface ppp 1 overload

ip policy-class PHONES
  nat source list NAT-PHONES interface ppp 1 overload
0
 

Author Comment

by:jands
ID: 38355122
After setting up the trunk on eth0 on the adtran 3200.  Then I will also have to setup the eth port on the switch that is connected to the 3200 with trunking as well?  I would assume I would need to make both ports available for trunking, just double checking.  Also I am thinking of getting a cisco switch for them, although the adtran 3200 is not the same company, but with the 802.1q standard I shouldn't have a issue correct?
0
 
LVL 25

Expert Comment

by:Ken Boone
ID: 38355173
That is correct both ends of a trunk need to be configured as a trunk.  So yes the switchport will need to be configured as a trunk as well.  Yes you will not have any problems with a cisco switch as 802.1q is an industry standard.
0
 

Author Closing Comment

by:jands
ID: 38355568
Thank you very much, You have made my job easy.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

During and after that shift to cloud, one area that still poses a struggle for many organizations is what to do with their department file shares.
This article will show you step-by-step instructions to build your own NTP CentOS server.  The network diagram shows the best practice to setup the NTP server farm for redundancy.  This article also serves as your NTP server documentation.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question