ACCESS2008
asked on
Implementing VLANs
Our entire network is on the default VLAN 1. The IP range is a /22 from 172.16.140.x – 172.16.143.x with only one gateway of 172.16.140.2 /22.
What I want to do is be able to create VLANs within this IP scope while maintaining the current structure for a changeover period. This way I wouldn't have to do everything in one shot. Unfortunately I do not believe that this is a feasible thing.
On my firewall I would have to create the structure like this:
VLAN 1 172.16.140.x – 172.16.143.x /22 GW – 172.16.140.2 (Already Created)
VLAN 141 172.16.141.x /24 GW – 172.16.141.1
VLAN 142 172.16.142.x /24 GW – 172.16.142.1
So when the computer/server/device is plugged into the switch, it would have to be a port-specific VLAN as to which network it is hopping on. The only issue is that VLAN 1 has the 4 class C scope that overlaps the other VLAN ranges.
Any chance this is possible? If so, it would make my life a ton easier for the changeover.
ASKER CERTIFIED SOLUTION
This solution is only available to members.
- Try to clean up/organize your /22 first.
- Don't be afraid to use new private subnets; they're free anyway. :)
- Start moving low-priority stuff to new VLANs, like printers, where you can just easily update logon scripts to map them from the new IP. Using DNS might make it easier.
- Possibly move Wi-Fi services (at least guest) to a new VLAN.
- You might get approval for downtime from management if you cite security/performance reasons.
- Don't forget to provide DHCP services to the new VLANs as necessary, relayed or otherwise.
Tamas
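
The overlap in the question's plan, and the effect of moving a device into a new, non-overlapping subnet instead, worked through as an added example that is not part of the original thread. The host addresses, VLAN 150 and 172.16.150.0/24 are constructed for illustration, and the model assumes the firewall does not proxy-ARP between VLANs.

```python
import ipaddress as ip

# Addressing plan taken from the question (gateway address / prefix per VLAN).
PLAN = {
    "VLAN 1": ip.ip_interface("172.16.140.2/22"),
    "VLAN 141": ip.ip_interface("172.16.141.1/24"),
    "VLAN 142": ip.ip_interface("172.16.142.1/24"),
}
GATEWAY = "172.16.140.2"                            # VLAN 1 gateway, from the question
LEGACY_HOST = ip.ip_interface("172.16.140.50/22")   # constructed: PC still on VLAN 1

def overlaps(plan):
    """Return the pairs of VLAN names whose subnets overlap."""
    names = sorted(plan)
    return [(a, b) for i, a in enumerate(names) for b in names[i + 1:]
            if plan[a].network.overlaps(plan[b].network)]

def next_hop(src_if, gateway, dst):
    """First hop chosen by a host configured as src_if: 'on-link' means it
    ARPs for dst directly, otherwise it forwards to its default gateway."""
    return "on-link" if ip.ip_address(dst) in src_if.network else gateway

def reachable(src_if, src_vlan, gateway, dst, dst_vlan):
    """Models only the sender's first hop. A destination that is ARPed for
    directly answers only if it sits in the same VLAN (broadcast domain).
    Assumption: no proxy ARP, and the gateway routes between VLANs."""
    return next_hop(src_if, gateway, dst) != "on-link" or src_vlan == dst_vlan

if __name__ == "__main__":
    print("Overlapping subnets:", overlaps(PLAN))
    # Constructed cases: a printer moved into VLAN 141 keeping a 172.16.141.x
    # address, versus the same printer renumbered into a new subnet.
    cases = [("172.16.141.20", "VLAN 141"), ("172.16.150.20", "VLAN 150")]
    for dst, vlan in cases:
        hop = next_hop(LEGACY_HOST, GATEWAY, dst)
        ok = reachable(LEGACY_HOST, "VLAN 1", GATEWAY, dst, vlan)
        print(f"{LEGACY_HOST.ip} -> {dst} ({vlan}): next hop {hop}, reachable={ok}")
```

A host that still carries the /22 mask treats every 172.16.140.x – 172.16.143.x address as local, so it never hands traffic for a device moved into VLAN 141 or 142 to the gateway; renumbering moved devices into a subnet outside the /22 avoids that during the changeover.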