Solved

vlans

Posted on 2013-12-21
8
423 Views
Last Modified: 2013-12-21
I need some advice on setting up a network that requires 5 different vlans. I have two layer 2 switches and a layer 3 switch. (The layer 3 switch will then be connected to a firewall which then goes to the ISP router), but I only need help first on the switches and how to configure them.

This is my setup so far

vlan 10- IT - 10.25.10.0
vlan 20- Wareshouse - 10.25.20.0
vlan 30-Sales - 10.25.30.0
vlan 40-Exec - 10.25.40.0
vlan 50-Servers - 10.25.50.0

I need to make a default gateway for each network.
Do I make another vlan for management (like 10.25.60.0) and make interface vlan .61 and .62 for the 2 layer 2 switches to login and manage?
Where do I set the default gateways for all 5 subnets, on the layer 3 switch? On the layer 3 switch do I use the interface vlan id ip address for each subnet? The default gateway for the entire network will be the inside interface of the firewall.
Just need some guidance on this.
Thanks.
0
Comment
Question by:tolinrome
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 39734189
To make things easier you will need at least one more VLAN that is for a small network between the L3 switch and the firewall.

The connection between the L2 and the L3 switch will need to be configured to support multiple tagged VLAN's (on Cisco devices this is known as a trunked  connection).

The L3 switch will need to have an IP address on each VLAN and this will be the default gateway for each of the VLAN's.

For only 3 devices I don't think you need a management VLAN.  I would assign address to the 3 devices in the "IT" VLAN.
0
 
LVL 7

Author Comment

by:tolinrome
ID: 39734198
ok so, since the L3 switch will have all the default gateways, how do I actually enter them in the switch?

I think I wouldn't use ip default-gateway command since that will be the actual devices default gateway (inside interface firewall). Which command do I use on the L3 switch for setting up the L3 gateways?


Trunks I can do, so I go that. I can create the other vlan between the L3 and firewall, so that's good, and the management vlan I'm good.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39734209
Well that depends on what type of L2 switch it is.  Not all L3 switches use the same commands.

Example on a Cisco switch it would be something like:

config t
vlan 10
state active
name IT
interface vlan 10
ip address 10.25.10.1 255.255.255.0
desc IT
vlan 20
state active
name Wareshouse
interface vlan 20
ip address 10.25.20.1 255.255.255.0
desc Wareshouse

and so on.
0
Percona Live Europe 2017 | Sep 25 - 27, 2017

The Percona Live Open Source Database Conference Europe 2017 is the premier event for the diverse and active European open source database community, as well as businesses that develop and use open source database software.

 
LVL 7

Author Comment

by:tolinrome
ID: 39734211
Ok, got it.
One last thing, how do I route all the traffic from the L3 to the inside int of the firewall?
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39734216
I am assuming that you have another VLAN/IP subnet between your L3 switch and the firewall.

You just make the IP address of the inside interface of the firewall the defualt gateway/route on the L3 switch.

What type of L2 and L3 devices do you have?
0
 
LVL 7

Author Comment

by:tolinrome
ID: 39734219
"You just make the IP address of the inside interface of the firewall the defualt gateway/route on the L3 switch."

How? #ip route command?

All cisco devices 2900's and 3560
0
 
LVL 57

Expert Comment

by:giltjr
ID: 39734226
Yes:

ip route 0.0.0.0 0.0.0.0 x.x.x.x

where x.x.x.x is the inside interface of the firewall.

Don't forget that you need to make the connection between the L2 switches and the L3 switches a trunk with all of your VLAN's allowed.
0
 
LVL 7

Author Comment

by:tolinrome
ID: 39734243
Thanks
0

Featured Post

[Live Webinar] The Cloud Skills Gap

As Cloud technologies come of age, business leaders grapple with the impact it has on their team's skills and the gap associated with the use of a cloud platform.

Join experts from 451 Research and Concerto Cloud Services on July 27th where we will examine fact and fiction.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Suggested Courses
Course of the Month8 days, 23 hours left to enroll

615 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question