Procurve 2524 / Cisco 2950 VLAN setup

April Amey

Procurve 2524:

- ports 1-5 in School_VLAN (id 2)
- rest of ports on Default_VLAN (id 1) (employees only)
- port 24 - fiber link to Cisco 2950
- ports 1-5 are 'untagged'
- port 24 in School_VLAN - tagged
- port 24 in Default_VLAN - untagged

Cisco 2950

- port 8 - fiber link to Procurve 2524
- port 47 - Cisco 2610 router out to frame network and ultimately to Internet
- one port to Novell server for employee use only

On the Cisco we defined the School_VLAN with id 2. We defined a VTP domain although we don't think we really needed to do that.

We want the School VLAN and the Employee VLAN to go from the Procurve 2524 out port 24, across the fiber to port 8 on the Cisco 2950 and out to the Internet. But we do not want the SCHOOL_VLAN ports to be able to get to anything else.

We're having some trouble figuring out how to do this on the Cisco side. We THINK the above setup on the Procurve is right. Ideas? Yes, we'll be asking in the Cisco forum as well...


Shiraz Malik

Re: Procurve 2524 / Cisco 2950 VLAN setup

Hi Amey,
your procurve side configuration seems to be fine and theres nothign much you could do on ur procurve to prevent the student_vlan from accessing the internet also because 2524 is a low end and less intelligent switch for this kind of senario.
best thing would be to configure an ACL on your cisco router.
hope this helps.
April Amey

Re: Procurve 2524 / Cisco 2950 VLAN setup

We do want the Students and Employees to both be able to access the Internet. We just don't want the Student VLAN to do anything else - i.e. get to the local segment's Novell server hanging off the 2950. I'm just not sure how to configure the Cisco side so I'll ask in the Cisco forum.

Thanks for your response.