arefone
asked on
Configuring two vlans on Cisco 877w router
Hi,
Can anyone explain step-by-step how to configure two vlans on cisco 877w router, and be able to ping between hosts on both vlans, and be able too, to ping between vlans interfaces on the router?.
Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 15.1(2)T1, R
Appreciate your help.
Can anyone explain step-by-step how to configure two vlans on cisco 877w router, and be able to ping between hosts on both vlans, and be able too, to ping between vlans interfaces on the router?.
Cisco IOS Software, C870 Software (C870-ADVIPSERVICESK9-M), Version 15.1(2)T1, R
Appreciate your help.
ASKER
Those instructions are not good for the router I mentioned.
why?
ASKER
Because my router is a SOHO one, I got this error:
SOHO-R1(config)#interface FastEthernet 3.1
^
% Invalid input detected at '^' marker.
SOHO-R1(config)#interface FastEthernet 3.1
^
% Invalid input detected at '^' marker.
ASKER
the "^" is located under the "F" of FastEthernet
Do
Show run
See what kind of interfaces you have
Show run
See what kind of interfaces you have
ASKER
Interface IP-Address OK? Method Status Protocol
ATM0 unassigned YES NVRAM administratively down down
BVI1 xxx.xxx.xxx.xxx YES NVRAM up up
Dialer1 unassigned YES NVRAM up up
Dot11Radio0 unassigned YES NVRAM up up
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up down
NVI0 xxx.xxx.xxx.xxx YES unset up up
Virtual-Access1 unassigned YES unset up up
Vlan1 unassigned YES NVRAM up up
ATM0 unassigned YES NVRAM administratively down down
BVI1 xxx.xxx.xxx.xxx YES NVRAM up up
Dialer1 unassigned YES NVRAM up up
Dot11Radio0 unassigned YES NVRAM up up
FastEthernet0 unassigned YES unset up up
FastEthernet1 unassigned YES unset up down
FastEthernet2 unassigned YES unset up down
FastEthernet3 unassigned YES unset up down
NVI0 xxx.xxx.xxx.xxx YES unset up up
Virtual-Access1 unassigned YES unset up up
Vlan1 unassigned YES NVRAM up up
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Hi Syed,
Thats it! it worked!
Should I configure a trunk port on the router to make the two vlans on the switch to comunicate between them?
Thats it! it worked!
Should I configure a trunk port on the router to make the two vlans on the switch to comunicate between them?
Thanks for the comments....
better to Make trunk...
better to Make trunk...
ASKER
one more question Syed, can you explain how to apply access lists between the vlans on the router?
post you VLAN number and IP Address, i will try to post full configuration for you....
ASKER
VLAN10 - 192.168.0.253
VLAN20 - 192.168.20.253
VLAN20 - 192.168.20.253
ASKER
I am confused in the directions, for example, if I want to block the access to the VLAN10 to all except one host, have I apply the access list in the "in" or "out" direction?
please send me "SANITIZED" configuration...
and let me know what you want...
Cisco 877 support web interface... try to put https://yourcisco877vlan1ip in your browser.
and let me know what you want...
Cisco 877 support web interface... try to put https://yourcisco877vlan1ip in your browser.
ASKER
Ok,
I want to block hosts on VLAN20 from accessing to VLAN10, as I told you, I am confused about the direction in which I have to apply the acls.
What sanitized configuration do you need ya basha?
I want to block hosts on VLAN20 from accessing to VLAN10, as I told you, I am confused about the direction in which I have to apply the acls.
What sanitized configuration do you need ya basha?
Dear,
VLANs provide communication to HOST and not the ACL/FW....
ACL are used to provide limited access from WAN>LAN or LAN to WAN.
VLANs provide communication to HOST and not the ACL/FW....
ACL are used to provide limited access from WAN>LAN or LAN to WAN.
ASKER
But you can use then even between vlans, isn't?
once you enable ip routing or INTER VLAN ROUTING all vlans are accesable... this is why SA use VLAN...
ASKER
Hi Syed, its all clearer now, thanks again.
Ps: enta men ay balad?, ana 3arabi men felesteen!
Ps: enta men ay balad?, ana 3arabi men felesteen!
You are welcome...
apart from your ACL question i was doing a test in my LAB... you can put ACL with VLANS also from LAN to LAN but you may need to open ports eg...
DNS
HTTPS
HTTP
ICMP
..........
apart from your ACL question i was doing a test in my LAB... you can put ACL with VLANS also from LAN to LAN but you may need to open ports eg...
DNS
HTTPS
HTTP
ICMP
..........
ASKER
What I'm trying to do is:
1. Block any traffic from VLAN B to VLAN A
2. Block any traffic except http, https, messengers app from VLAN B to internet
I think I'm at a good point right now.
1. Block any traffic from VLAN B to VLAN A
2. Block any traffic except http, https, messengers app from VLAN B to internet
I think I'm at a good point right now.
Dear,
you are right...
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080100548.shtml
if you need more help please make new question so other Experts can also participate.
you are right...
http://www.cisco.com/en/US/tech/tk648/tk361/technologies_configuration_example09186a0080100548.shtml
if you need more help please make new question so other Experts can also participate.
ASKER
Great link thank you.
Shukran Syed.
Shukran Syed.
You are Welcome.....:)
ASKER
Syed, may I ask you your email address?
smusman@alubafbank.com
http://www.networkstraining.com/cisco-router-on-a-stick-with-switch/