Using VLAN,s

Well i have a single network with at the moment 200 cleints PC,s
now i am merging 3 more networks with almost the same amount of PC,s so my network will grow 300%.
now i have 7 servers running on my LAN which provides diffrent things such as email service, internet service, computer gaming service & huge data file transfer,s "files in GB's"
my network is 10/100mbps & its not currently possible for me to upgrade to 1000mbps, so how should i use VLAN,s to optimize my network of best performace ?
for starters i am going to use cisco 2900 switch this i already have.
regards

Hi Faisi,
You can create vlans on your lan switches to create seperate broadcast domains but if you requirement is that all vlans should talk to each other then you need to have intervlan routing which is possible on layer 3 switch or some router.
You can also create vlans for your server also and keep all your servers on those vlans and get the other vlans to talk to them via intervlan routing and can restrict other vlans to talk to each other.
Like if you have vlans 3 for server and vlan 2 and vlan 1 for users you can have vlan 1 & vlan 2 to talk to vlan 3 but can restrict vlan 1 talking to vlan 2 but this is all possible if you have some layer 3 switch liek 3550 and above or some external router for intr vlan routing and configured access list to restrict traffic vlan wise.
To create vlan you can just go to global config mode and create vlan
Switch(config)# vlan 2
Switch(config-vlan)# exit
Switch(config)#
Have a look at this link as how to create vlans on global config mode
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12120ea2/2950cr/cli3.htm#wp2879531
HTH, if yes please rate the post.
Ankur

Similar Messages

  • Could I use "vlan interface" as a tunnel source of DMVPN ?

    I have a router R2811 with a 9 port FE Switch module(HWIC-D-9ESW).
    Could I use vlan interface as a tunnel source when configuring DMVPN ?
    The vlan ports is on the 9 port FE Switch module.
    Because it's used now in production,I can't try it.

    Hello.
    I think there is no restriction on software routers like 2811.
    PS: using loopback could be a better idea.

  • Which command in the Cisco AP1200 series will you use to broadcast the SSID using VLANs?

    Folks,
    Which command in the Cisco AP1200 series will you use to broadcast the SSID using VLANs?
    Thanks

    If you have enabled mbssid, "guest-mode" would be replaced by "mbssid guest-mode" this would also allow multiple ssid's to be broadcast
    -Tim
    Sent from Cisco Technical Support iPad App

  • QoS on SPA 2102 using VLAN

    I'm trying to configure quality of service on a SPA 2102 using VLAN tagging.
    But using wireshark I see that the packets exiting the ATA don't have the TOS volue correctly set.
    Is possible to give different priority to Data and voice using VLAN tagging?
    Thanks
    Enrico

    I Believe the QOS Value on The SPA are set to default and Its not possible to be change. I was able to find other forum sites for the SIPURA default  values.
    SIP TOS/DiffServ Value: 0x68 
    RTP TOS/DiffServ Value: 0xb8
    ToS 0xb8 = 10111000 = 184
    (802.1p) = 101 = 5
    (DSCP) = 101110 = 64
    ToS 0x68 = 01101000 = 104
    (802.1p) = 011 = 3
    (DSCP) = 011010 = 26
    I Hope This helps

  • Trying to create guest network on wap321 and sg200-50p using VLAN

    I have a SG200-50P and a WAP321. I am trying to create a guest wireless network using a separate VLAN on the WAP321. I have the production traffic on VLAN 1 and the guest network is on VLAN 100.
    The WAP321 is plugged in to port 7 on the switch. It is configured as follows:
    Trunk Port, 1UP, 100T, Ingress filter enabled
    The DHCP server is on port 22 and is configured as follows:
    Trunk Port, 1UP, 100T, Ingress filter enabled
    The production wireless client is able to work fine on VLAN 1.
    When I try to connect a device using the Guest network, the DHCP request does not appear to ever make it to the DHCP server. If I separate the Production network off of VLAN 1 and change the Untagged VLAN ID to a different VLAN than 1 (Management VLAN ID), the same thing happens to the client when it tries to get an IP address from DHCP.
    What am I missing here?

    I have the VLANs configured on the WAP321. VLAN 1 is the Mgmt and general VLAN and the VLAN is configured for the Guest network. I did a Wireshark trace and for some reason the pakets for VLAN 100 (Guest network) on the WAP321 are not getting to the DHCP server. I see them on the WAP321 using the packet capture, but there is not any response to them. I do not see them coming in at the DHCP server.
    When I connect to the WAP321 using the production SSID I see the same ackets at the AP and also coming in to the DHCP server. That is why I am so confused. I can't figure out why they do not get to the server. I was wondering if I have something configured wrong on the SG200, but this is new territory for me and I do not know what I am missing. I have taken some screen shots of the SG and WAP config screens in case it might help.

  • Wrv210 How to use vlan feature?

      Hi people.
    I have 1 WRV210 Wireless Router, this device have the vlan feature, I have read about this feature that u could have separate networks example:
    192.168.10.X net-1
    10.0.8.x net-2
    My ISP use pppoe, is working, but I dont know how to setup 2 networks with this device? The manual just tell u how to create vlans but is all nothing more.
    Can someone help me with this?
    Suppose that I have 1 computer wired and some clients wireless, I want to have net-1 for my wired clients and net-2 for my wireless clients, but separate and using both networks the same ISP.
    Thanks!!!

    Go to the Setup page of the wrv210. On the sub-tab click on Vlan. Select enable on the Port-Based Vlan.  Check the box of the desired vlan that you want to assign to the port and ssid.

  • AX guest network using vlan in the switch

    Hi!
    I'm thinking of setting up a wlan and guest wlan by setting up separate Airport Expresses on different VLANs. The new gen. The setup would be 3 AXs on the internal network and 3 AXs as guest network. VLAN1 is internal and VLAN2 is guest. All AXs wil lbe set up in brigde mode. The AXs aren't VLAN aware so they'll just pass along whatever packets coming their way, right? I will configure the switch to use VLAN1 on all ports except 4 on VLAN2. 3 for the AXs and one to hte firewall that also provides DHCP for VLAN2.
    Would this work OR have i missed something vital here?
    /Hasse

    Thanks for the info, Unfortunately, as suspected the Arris model that you have is known as a "gateway", or "modem/router".
    The AirPort Extreme recognizes that there is another router "upstream" on the network, so it correctly chooses the Bride Mode setting to allow correct operation on the network.
    The downside to this is that the Guest Network cannot be enabled when the AirPort is configured in Bridge Mode.
    If the Guest Network feature is important to you, check with your service provider to see if they can supply a simple modem to connect to the AirPort Extreme.....not a "gateway" or "modem/router" device.

  • No web access since using VLAN (SGE2000)

    Hello,
    Using one SGE2000 switch.
    I'm unable to access the switch web interface since I assigned a PVID to the port where my computer is connected.
    If I use the PVID 1 and untagging the VLAN 1, it works fine.
    What can I do to access the web interface with another VLAN ?

    1. add vlan, for example with id 2.
    2. add ip address in vlan 2.
    3. port which connected to your computer must be vlan 2 native mode acces, all trafic trought out from this port will untaged.
    use command
    switchport mode access
    or
    encapsulation dot1q 2 native

  • Subinterface stop when I use vlan 1 default - Cisco ASA5520

    Hi there,
    I´m trying to configure a subinterface named Inside with vlan 1 but the interface stops work with this vlan.
    My switch is a Cisco and use the lan with vlan 1 too.
    If I change de vlan for other i.e vlan13 works fine. And all others vlans works fine too.
    Is there a problem to use the vlan 1?
    My configuration is:
    Cisco ASA:
    interface gig0/3
    no ip address
    no security
    no nameif
    Interface gig0/3.1
    vlan 1
    nameif Inside
    Securirity-level 100
    ip address 10.x.y.x 255.255.224.0
    The  giga port of the swtich is configure to trunk model;
    Where the problem is?
    Tks
    Adriano Porcaro

    Hi Adriano,
         As per my knowledge what is happenning here is that in the switch VLAN1 is the native vlan be default, unless you have changed it. Now when the switch passes native VLAN traffc it passes it untagged, which is not dot1q. Where as the subinterfaces on the ASA passes only dot1q traffic i.e anything other than the native VLAN on the switch. Please try to change the native VLAN on the switch and use the VLAN to pass traffic.
    Hope this helps!
    Regards,
    Som
    P.S : Please mark this post as resolved if it is answered. Do rate the helpful posts. Thanks.

  • SG300 - Separating network using vlan?

    I am wondering what the best way to separate a network, both data, on a cisco SG300. I do not want network 1 to able to communicate with network 2 or vice versa.  I have one server for DHCP for network 1, 192.168.1.X. I would like network 2 to have ip of 10.0.0.X, can the cisco SG300 do dhcp for this vlan?
    Thank you for your help,
    Brian

    Hello Brian, the SX300 series do not support any DHCP service, you will need a router or a DHCP box for this. The SX300 can separate traffic with VLAN. However, as the default layer 2, all request will go to your router then route to the destinations. As the switch in layer 3 mode, you may have local connectivity, however, if your router does not support the vlans or dot1q encapsulation, the router would require static routes for those subnets to be able to correctly route to the internet.
    -Tom
    Please rate helpful posts

  • Bind external device into Hyper-V by bridging adapters and using VLAN?

    Hi,
    i tried several hours and researched the web but no solution.
    I am running a Windows Server 2012 with Hyper-V virtualizing several networks. Each network is in its own vlan (Network 1 = Vlan 100 , Network 2 = Vlan 200,  Network 3 = Vlan 300 etc.). They are all connected to an external network vSwitch TESTNET.
    This vSwitch TESTNET is connected to one NIC on the host. I can send/receive VLAN tagged packets to this NIC from outside and it works. I can reach the corresponding networks.
    NOW I have an external device which I have to physically connect to that server on a new NIC. It has to be placed into Network 1 means be reached directly from there.
    The first idea I got is to bridge this network connection with my vSwitch Testnet. Due to the fact that the virtualized Network 1 is in a vlan I also tag the new NIC with Vlan 100. Several attemps later I still can't get it working.
    1.) Is it possible to bridge a vSwitch with a physical NIC? Will the tagged vlan packets from the physical NIC be sent to the corresponding VMs with the same vlan configuration over the vSwitch Testnet?
    2.) Or Do I need to create another vSwitch for the second NIC for my external device? And afterwards bridge these two vSwitches together?
    3.) Or is the only way to add this network device to a virtual router in a virtual machine?
    Hope somebody can help me.
    Regards DrWho

    I'm not understanding why this device has to directly connect to the physical host. If it's required that it be in network 1, why can't you plug it into a physical switch in a port with a default/PVID VLAN of 1? If you directly connect it to a regular physical
    port on a computer, it won't be in a network at all, at least not as defined anywhere else in your configuration, unless that port has somehow been bound and configured as a router. The end result of all that trouble would not really different from just plugging
    it into the physical switch to begin with.
    No, you can't bind the virtual switch and another physical port together in the way that you describe.
    You can't have a device that only communicates with a particular partner AND participates on a common network beyond those two devices unless that partner is a router.
    Eric Siron Altaro Hyper-V Blog
    I am an independent blog contributor, not an Altaro employee. I am solely responsible for the content of my posts.
    "Every relationship you have is in worse shape than you think."

  • Spanning tree - balanced without use vlan ?

    Hi, i´m sorry if this is a classic question.
     i have implemented rapid pvst like show in the image. The dotted lines are the alternative links. (image 1)
    SwitchA# spanning-tree vlan 1 root primary
    SwitchB# spanning-tree vlan 1 root secondary
    I want to make a kind of balancing like image 2. But the problem is that i have vlan 100 (and other vlans) in side A and Side B.
      So, if i make 
    SwitchB: spanning-tree vlan 100 root primary
    SwitchA: spanning-tree vlan 100 root secondary
      The SwB it change to primary for vlan 100. 
      But i want to the switchB be the primary for side A and secondary for side A. No matter the vlan. Is possible?
    Thanks a lot!
    IMAGE 1
    IMAGE 2
    PS: Later i will implement HSRP.

      Hi, i know that is possible, but doing this the result is unbalanced for mi network. For example vlan 20 reside in all switches and vlan 21 reside in only one switch. 
      i want to the switchA be the primary for side A and secondary for side B. No matter the vlan. Like image 2.
      I hope to be clear.
    Thanks.

  • Is it possible to configure 2 SSIDs without using multiple VLANs?

    I am trying to set up a 1231G to allow normal users to connect using WEP and visitors to connect with no encryption in guest mode. Using one SSID, I can get one or the other to work using the guest-mode command on the SSID, but have the problem that WEP mandatory or optional on the radio interface disables either the normal user or the guest. If I set up 2 separate SSIDs for each of these user groups is it necessary to assign a separate VLAN for each to make this work? The AP is on a network that is not trunked.
    Thanks for any help or direction you can give me.
    --Sara

    Hi Sara,
    Hopefully the attached docs will answer your question:
    Cisco Aironet 1200 Series
    Using VLANs with Cisco Aironet Wireless Equipment
    Deprecated versions of Cisco Aironet software permit binding multiple SSIDs to one VLAN. Current versions do not.
    http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_example09186a00801d0815.shtml#
    Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.2(15)JA
    Configuring Multiple SSIDs
    vlan vlan-id
    (Optional) Assign the SSID to a VLAN on your network. Client devices that associate using the SSID are grouped into this VLAN. You can assign only one SSID to a VLAN.
    http://www.cisco.com/en/US/products/hw/wireless/ps4570/products_configuration_guide_chapter09186a00802085c4.html
    Also this answer from Cisco Aironet 1200 Series FAQ;
    Q. How many service set identifiers (SSIDs) can you have per VLAN?
    A. You can have only one SSID per VLAN. The use of multiple SSIDs over a single VLAN is not supported with Aironet APs.
    Hope this helps! (sorry to be the bearer of bad news)
    Rob
    Please remember to rate helpful posts.......

  • How set native vlan on a VM in vSphere when using the 1000V?

    Using the vSphere Distr Switch, we set native VLAN per VM by setting the VLAN d to 0.
    How do we set the native VLAN for a VM if the VM is connected to a 1000V? I heard we no longer can use VLAN ID 0?                  

    Same way you would on any Cisco switch.
    Add this command to your Uplink port profile:
    switchport trunk native vlan X
    Keep in mind there is no VLAN 0.  VLAN "0" is just how vmware designates the untagged VLAN.  Valid ranges are 1-4095 according to the standard.
    Regards,
    Robert

  • VLAN Trunk using Set-VMNetworkAdapter cmdlet

    Hello,
    Does anyone have expereince with Trunkking in Hyper-V?
    We have four VMs using VLAN IDs: 2,4, etc.
    One VM 2008R2 is setup as a Router. What we want is to allow 2008 R2 VM to accept traffic from VLAN IDs 2 and 4.
    Please see image below for the configuration made:
    As you can see in image above, Red1 and Blue1 VMs are configured with 2 and 4 VLAN IDs but none of them can ping the gateway (2008 Router VM). 
    Thank You,
    AL

    Hi AL,
    Sorry for the late , I  am afraid  RRAS does not have the function like "One-armed router" .
    So , there is no trunk configuration in my test :
    1. create a new virtual switch
    2. one RRAS router has two virtual NICs with different Vlan   (NIC1 : 192.168.1.1/24 Vlan2 , NIC2 :192.168.2.1/24 Vlan3).
    3. connect the two NIC to the new virtual switch
    4. VM1 with IP 192.168.1.2/24  GW : 192.168.1.1/24 Vlan2  and  VM2 with IP 192.168.2.2/24  GW : 192.168.2.1/24  VLan3  ,both connect to the new switch
    Best Regards
    Elton Ji
    We
    are trying to better understand customer views on social support experience, so your participation in this
    interview project would be greatly appreciated if you have time.
    Thanks for helping make community forums a great place.

Maybe you are looking for