I need to talk system 1 to others.

j.sivasankar92 · April 03, 2015, 08:42:13 AM

Hi,
Systems 1,2,3,4,5 connects in one switch. If I want to access the Internet in system 1 only.
My friend said, can make a system 1 in Vlan 1.
And others are 2,3,4,5 in Vlan 2.

Then I asked, if system 1 needs to talk some other systems.

He didn't gave me a correct answer.

Then what will we do for to communicate between systems 1 to others.

jinxer · April 03, 2015, 10:19:04 AM

If you use SVI's the vlans can talk to eachother. Then you just have a route for the VLAN 1 subnet out to your internet gatewayand viceversa. Or you use a ACL which only allows vlan 1 out. Or... Lots of ways to do this.. Depends on your design

deanwebb · April 03, 2015, 10:26:08 AM

To communicate between different vlans, you will need routing in place. Either a physical router or a layer 3 module running on the switch.

To control Internet access, you can simply not route traffic from VLAN 2 that isn't bound to VLAN 1. As an alternative, all your devices can be in the same VLAN, but you give system 1 a static IP address and then apply an access list to only permit traffic from that one IP address to go out to the Internet.

For an even better solution, you would want a firewall in place to regulate the traffic and to make sure that traffic inbound from the Internet that you do not want (which is nearly all of it) does not enter your network.

And as I typed this, jinxer posted his response... I have been ninja'd.

I need to talk system 1 to others.

j.sivasankar92

jinxer

deanwebb