VLAN When to Deploy?

Status
Not open for further replies.

VLADY218

Technical User
Feb 7, 2003
US
We have a project coming up. 1 Student Lab (30 PCs) and 30 Staff Members. Students and Staff must have NO access to each other, and only be able to access the same router for internet and a single Server for Active Directory. Is this where a VLAN comes into play, and if so, will both VLANs be able to log into the server once set up?

Thanks for all your help. I've never done this before and am looking for some outlooks.

Thanks
 
You can do this with one VLAN and protected ports. Make every port protected except the port connecting to the router.
 
What type of switches do you have?


The following is a matrix of switches and IOS that support private ports.

You would configure the router and the AD server as promiscuous ports and the rest as isolated.

Baddos,
I have not implemented or tested private ports on a switch yet. So I'm curious, the documentation states they only limit L2. How would you limit the PCs talking to each other through the router (L3)? When the PC doesn't find the other PC it will go to the router. Would the router forward the traffic through it? It would see an IP packet coming in from the switch, it would check the IP address and send it back to the switch. Am I missing something? Would you need an ACL on the router to prevent this? If so, what would it be? Or could you use VACLs? Interesting problem.

NetEng
 
It wouldn't protect them from accessing something on the other side of the router. You would create an access-list on the router for that.
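The single-VLAN design discussed in this thread, written out as an added example that is not from any of the posters: protected ports on the PC ports, plus a router ACL that answers the question of traffic being routed back into the same subnet. It assumes a Cisco IOS switch that supports `switchport protected`; the interface numbers, VLAN 10, the ACL name and the 192.0.2.0/24 addresses are constructed placeholders.

```cisco
! ---- Switch (constructed values: VLAN 10, Fa0/1-24) ----
vlan 10
 name LAB-AND-STAFF
!
! PC ports: protected ports cannot exchange L2 traffic with each other
interface range FastEthernet0/1 - 22
 description Student and staff PCs
 switchport mode access
 switchport access vlan 10
 switchport protected
!
! AD server and router ports are NOT protected, so every PC can reach them
interface FastEthernet0/23
 description AD server
 switchport mode access
 switchport access vlan 10
!
interface FastEthernet0/24
 description Router LAN interface
 switchport mode access
 switchport access vlan 10
!
! ---- Router (constructed values: 192.0.2.0/24, gateway .1) ----
! Assumption: DHCP is served by the AD server, not by the router.
ip access-list extended LAN-IN
 ! PCs may talk to the gateway address itself
 permit ip 192.0.2.0 0.0.0.255 host 192.0.2.1
 ! drop anything the router would otherwise send back into the same subnet
 deny   ip 192.0.2.0 0.0.0.255 192.0.2.0 0.0.0.255
 ! everything else (Internet-bound traffic) is allowed
 permit ip 192.0.2.0 0.0.0.255 any
!
interface FastEthernet0/0
 ip address 192.0.2.1 255.255.255.0
 ip access-group LAN-IN in
 ! do not answer ARP on behalf of other LAN hosts or redirect PCs to each other
 no ip proxy-arp
 no ip redirects
```

`switchport protected` only isolates ports on the same switch, so if the 60 PCs are spread over more than one switch, protected ports on different switches can still reach each other at L2.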
 