asked on

Cisco Vlan question

Dear All

I have a valn issue would like to ask, for example if i have created 3 vlan on a cisco switch, and 3 vlan will be using different ip subnet,

int range f0/1 - 23
switchport access vlan 2

int range f0/1 - 23
switchport access vlan 3

and now the 3 vlan has been assigned to switch ports 1 - 23 (see above), just wonder if i dont create sub-interface in router, the 3 vlan computers will not be able to ping each other ? am i correct ?

if i do not want different vlan to ping each other and at the same time i want each of the vlan to access to internet, do i need to assign three dedicate lan port in the router for vlan1, vlan2 and vlan3 ? in order to achieve my wish ?

Keith

Miftaul H

and now the 3 vlan has been assigned to switch ports 1 - 23 (see above), just wonder if i dont create sub-interface in router, the 3 vlan computers will not be able to ping each other ? am i correct ?

You are partially correct.
InterVLAN routing can be done either within the switch (if that supports routing) or on the router subinterface using Router-on-a-stick.
Can you do a command, "IP Routing" on the Switch and see if that works.

=======

if i do not want different vlan to ping each other and at the same time i want each of the vlan to access to internet, do i need to assign three dedicate lan port in the router for vlan1, vlan2 and vlan3 ? in order to achieve my wish ?

You can achieve this using ACL. You do not need three dedicated LAN ports.
ACL to block communication between VLANs and NAT to allow all 2 VLANs to communicate to the internet.

Thanks.

keith li

ASKER

Can you list a example of the access list in my case above ? Thx

keith li

ASKER

is it possible to list a example of access-list for above

ASKER CERTIFIED SOLUTION

Miftaul H

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial