2 VLANs Cisco switch 3560

Hello IT community. I have the following issue going on.

I just finished configuring the native VLAN, subnet 10.1.10.x/24

My boss decided that we should create another vlan for a LAB with the following address 172.16.1.x/24

Here's my question, how do I create VLAN 20 for 172.16.1.x/24 on switch 3560?

DHCP and DNS are services running on a Windows 2008 R2, but I will like to config VLAN 20 getting DHCP/DNS services from 10.1.10.1 (our firewall ASA 5515X)

Thanks in advance.
Katrach0System AdminAsked:
Who is Participating?
 
Katrach0System AdminAuthor Commented:
How the network was setup.
What we ended up doing.
0
 
Don JohnstonInstructorCommented:
By native, I assume you mean VLAN 1?

conf t
ip routing
vlan 20
int vlan 20
 ip address 172.16.1.1 255.255.255.0
 no shut
int f0/1 (or whatever interface a VLAN 20 device is connected to)
 switchport access vlan 20
 switchport mode access
end

Open in new window

0
 
Katrach0System AdminAuthor Commented:
I will try this, (question) will VLAN 20 use the same ip as vlan1 as its gateway?
I also only have this switch.
0
Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

 
Don JohnstonInstructorCommented:
VLAN 20 devices will use the IP address assigned to the VLAN 20 interface.
0
 
Katrach0System AdminAuthor Commented:
Do I have to do anything on the ASA 5515 so VLAN 20 devices will get internet access?
How will VLAN 20 devices will connect to the internet?

I appreciate your input on this topic.
0
 
Don JohnstonInstructorCommented:
Do I have to do anything on the ASA 5515 so VLAN 20 devices will get internet access?

Can't say for certain. But if the ASA is configured to only allow the 10.1.10.0 network internet access, then it will have to be configured.

How will VLAN 20 devices will connect to the internet?

Don't know. I'm guessing through the ASA.
0
 
Katrach0System AdminAuthor Commented:
Right, my question is based on that I already did what you said, and VLAN 20 can't still access the internet.
0
 
Don JohnstonInstructorCommented:
If the 3560 has a default route which points to the ASA, the ASA has a route to the 172.16.1.0 network and the ASA is configured to translate and allow the 172.16.1.0 network access to the internet, then it should work.
0
 
Katrach0System AdminAuthor Commented:
Confirmed, will try what you just said, will keep updated.
0
 
lruiz52Commented:
If you are going to have the asa assign dhcp addresses VLAN 20 you will need to create a dhcp scope on the ASA for vlan 20, you will also need to set the ip-helper address on the vlan 20 SVI

conf t
vlan 20
int vlan 20
 ip address 172.16.1.1 255.255.255.0
 ip helper-address 10.1.10.1
 no shut
end
0
 
Marius GunnerudSenior Systems EngineerCommented:
ASA 5515?  is that a typo? should be a 5505.

He is going to use the ASA as a DHCP server therefore the ip helper-address is not required.

As mentioned earlier, you will need nat statement on the ASA and also a ACL permit statement.
0
 
Katrach0System AdminAuthor Commented:
I've requested that this question be closed as follows:

Accepted answer: 0 points for Katrach0's comment #a38501906

for the following reason:

Thanks all for your input.
0
 
Don JohnstonInstructorCommented:
A question(s) were asked and answers were provided.
0
 
Katrach0System AdminAuthor Commented:
What's objection here?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.