Cisco – Accessing Internet from a different VLAN. Cisco 200-26

Tags: bridge, cisco, routing, switch, vlan

I have just got a Cisco 200-26 smart switch with 24 ports. I have set the IP of VLAN1 (also the management LAN) to 192.168.1.254. All ports except ports 10 and 11 are assigned to VLAN1. Furthermore, I have created another VLAN with ID VLAN2, and this VLAN is getting its IP from the DHCP server of my university network; the internet comes through the university network. VLAN2 is using IPs from the range 10.103.72.x. What I want to accomplish here is this: I have a full 192.168.1.xx network behind VLAN1, and the only requirement is that it should pass internet traffic to VLAN2 and get the results back to the relevant devices in VLAN1.
For VLAN2, I have already done the port-to-VLAN mapping and assigned it ports 10 and 11 with trunk and untagged settings.
It seems what I am trying to do is really simple, but I am sort of a newbie in networking and don't know much about network configurations. Please also guide me on how to make the required configuration through the web UI. I am not really into the command line interface of Cisco switches.
Regards

Best Answer

What you need is a router. Routers route traffic between networks, but layer-2 switches (what your switch is) do not. VLANs keep the networks separate, and to get traffic from one VLAN to another VLAN, you need a layer-3 device (router or layer-3 switch).

Your router will need a route, probably a static default route, for the interface toward the bigger network, and the router on the bigger network will need a route to the network behind your router. The easiest way to do this is to share a routing protocol with the router on the bigger network. That way, both routers can tell each other the networks about which they know. You really want fixed IP addresses for your router interfaces, if it is at all possible.

For your switch, you only use trunk interfaces for links that will have multiple VLANs crossing them. You tag the frames on a trunk link so that the switch on the other end can tell which frames belong to which VLANs. You could have one native (untagged) VLAN on a trunk, but all the other VLANs on the trunk will be tagged. Native VLANs can be a security problem, as can VLAN 1, so the recommendation is to not use native VLANs or VLAN 1.
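The trunk tagging behaviour described in the answer, as an added example that is not part of the original post: it builds and parses 802.1Q frames the way a trunk port classifies them, then flags frames that rely on a native VLAN or on VLAN 1. The function names (`build_frame`, `classify`, `audit`) and the sample frames are hypothetical and constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def build_frame(dst, src, ethertype, payload, vid=None, pcp=0):
    """Build an Ethernet frame; insert an 802.1Q tag when vid is given."""
    header = dst + src
    if vid is not None:
        tci = (pcp << 13) | (vid & 0x0FFF)  # PCP(3) | DEI(1)=0 | VID(12)
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload

def classify(frame, native_vlan=None):
    """Return (vlan, tagged) as a trunk port would assign the frame.

    native_vlan=None models a trunk with no native VLAN: untagged
    frames belong to no VLAN, so vlan comes back as None.
    """
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return native_vlan, False
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    vid = tci & 0x0FFF
    # VID 0 is a priority tag and names no VLAN: handled like untagged.
    return (native_vlan if vid == 0 else vid), True

def audit(frames, native_vlan=None):
    """Flag frames that depend on a native VLAN or travel in VLAN 1."""
    findings = []
    for i, frame in enumerate(frames):
        vlan, tagged = classify(frame, native_vlan)
        if not tagged and vlan is not None:
            findings.append((i, f"untagged frame accepted into native VLAN {vlan}"))
        if vlan == 1:
            findings.append((i, "frame carried in VLAN 1"))
    return findings

# Constructed sample frames (MAC addresses and payloads are made up).
A, B = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SAMPLE = [
    build_frame(B, A, 0x0800, b"ip", vid=2),  # tagged, VLAN 2
    build_frame(B, A, 0x0800, b"ip"),         # untagged
    build_frame(B, A, 0x0800, b"ip", vid=1),  # tagged, VLAN 1
]
```

Calling `audit(SAMPLE, native_vlan=1)` shows how an untagged frame silently joins VLAN 1 when that VLAN is left as the native one, while `audit(SAMPLE)` models a trunk with no native VLAN.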