Announcement

Collapse
No announcement yet.

LAN setup advice, VLANs?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • LAN setup advice, VLANs?

    Hello and thats for reading my post,

    I have the following network appliances to setup my network:

    1 x 24p Cisco 3560
    1 x 24p Cisco 2950T
    1 x 8p Cisco 2960
    1 x Firewall Zyxel USG300 (gateway to internet)

    I have to isolate the production environment (15 Windows computers) from the rest of the LAN (20 computers, between sales, staff, accounting, etc.). I have one SBS 2003 (I haven't installed it yet), and we'll need to create a domain for all the network. How would you isolate these 15 computers?, do I have to use two different VLANS?, the isolated machines needs to get access to the SBS2003 to join the domain, and also to the Firewall/gateway to get internet access. We've received all the Cisco switches from a different company.

    Right now the network is flat on 2 unmanaged switches, but we really need to isolate the production environment. I want to be sure on how to do it as I'm not too familiar with Cisco or advanced networking Need expert advice !

    Any hint/advice would be greatly appreciated

    Thanks a lot

  • #2
    Re: LAN setup advice, VLANs?

    Theres a bunch of things you can do. You could create your vlans and SVI's. Then filter via access-list on the SVI's to control L3 traffic. That would probably be the better way to do it. You could also do this for L2 as well. You could do Private Vlans but i believe your 3560 will support it but not sure about the other switches. Another kind of "cheap option" would be to use protected ports. The issue with that is they dont span across switches and protected switchport cant talk to other protected switchports.
    CCNA, CCNA-Security, CCNP
    CCIE Security (In Progress)

    Comment


    • #3
      Re: LAN setup advice, VLANs?

      ill be honest, 15 computers and one server doesnt really warrant seperate vlans. I guess you could if you wanted ,but out of the box a flat network for that would do just fine

      Comment


      • #4
        Re: LAN setup advice, VLANs?

        A vlan is just a separate broadcast domain. I have vlans on my network with 4 machines in them. Why? So I can isolate them from my corporate network.
        CCNA, CCNA-Security, CCNP
        CCIE Security (In Progress)

        Comment


        • #5
          Re: LAN setup advice, VLANs?

          Just one quick tip. I would highly suggest a VLAN out your network if you decide to also us VoIP on your network. I work for a VoIP provider and I have found that even small enterprises do better VLANing out their Voice and Data networks from each other. Remember even 1% packet loss is a big deal in VoIP.

          However, if the network is a pure data network (no voice/video traffic) and there are no security needs or traffic shaping needs for the VLANs, I would say forget about it for a network of that size.

          Just my opinion
          Last edited by guitarZen; 17th June 2010, 02:51. Reason: Sorry I didn't read your post well enough.

          Comment

          Working...
          X