SIDESHOWBLAH asked:

setup new VLAN config for existing switch on Cisco SGE2010

I have a Cisco SGE2010 switch that is already in production and I need to reconfigure it to actually have multiple VLANs on it. It has one VLAN, VLAN10, on it for the existing subnet, 192.168.1.x/24, and the firewall for the network is at 192.168.1.254, which is the default gateway for the PCs on the network as well. But it has never been tested, as the switch just pushes everything nonlocal out via the firewall/router anyway. I need to add a second subnet for about 5 PCs that should not communicate with the existing subnet, but it will need Internet access through the existing firewall. If I add a second VLAN, VLAN20, to the unit and assign 5 ports to it, Untagged with VLAN20 as the PVID, that should be safe, hopefully, maybe at 192.168.20.x. Can anyone give advice on how to set up a trunk to the firewall so that both VLANs can get to the Internet, and the easiest way to re-cable to the firewall with the least amount of downtime? Also, when I move the firewall from VLAN10, can I set the IP for VLAN10 to 192.168.1.254, so that I will not need to change anything on the client PCs on that VLAN already, or is that overly optimistic? And I have a couple of port forwards on the firewall currently into VLAN10; will these continue to work as-is if I change this correctly?
asavener

What is the model of firewall you are using?
SOLUTION
eeRoot

This solution is only available to members.
SOLUTION
This solution is only available to members.
SIDESHOWBLAH (ASKER)

Sorry, the firewall is a SonicWall NSA2400. It seems to require subinterfaces to get VLANs set up.
SOLUTION
This solution is only available to members.
@kmitra - why create the trunk port with the VLANs and then not physically connect it?
ASKER CERTIFIED SOLUTION
This solution is only available to members.