Switches, Hubs, and Modems

Segmenting VLANs with devices that do not have VLANs

Chris Bullock_1
Frequent Advisor

I have hooked up Metro Ethernet for a couple of different sites. 2 of the sites I control, and the other site is a customer that maintains their own equipment. My site A has multiple VLANs with VLAN 1 as the default. My site B has 1 VLAN; my external customer has 1 VLAN. My telco has given me fiber connecting the 3 sites; the problem is that I do not want site B and customer A to see each other. My telco tells me to use VLANs on my premises to control this; the problem is that customer A only has one VLAN, VLAN 1, and they do not have a layer 3 device nor the budget for one. So my question is: how can I segment this so that my site B and customer A cannot see each other? If I create a fake VLAN at site A, in theory it will break the connection from site A to customer A, correct? I have attached a diagram.
Chris
2 REPLIES
Chris Bullock_1
Frequent Advisor

Re: Segmenting VLANs with devices that do not have VLANs

Forgot the folder contents.
Mohieddin Kharnoub
Honored Contributor

Re: Segmenting VLANs with devices that do not have VLANs

Hi

I think the solution is:

Site B has one VLAN, no matter what the ID is. Just create a VLAN in your Site A with the same subnet as Site B, and in Site A, which has multiple VLANs, enable IP routing, and your Sites A and B should be able to talk.

The customer site is the same: create a VLAN in Site A that matches the customer subnet, and Site A and the customer site should be able to talk.

Now, since you have a 5400 switch, create an ACL to prevent Site B and the customer from talking to each other.

Hope that is clear :)

Good Luck !!!
Science for Everyone
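
A way to sanity-check the ACL idea from the reply above before applying it; this is an added example, not part of the thread or of any poster's configuration. It assumes Site B and the customer each arrive at Site A on their own routed VLAN, and the subnets, interface names and ACL entries are constructed for illustration:

```python
import ipaddress

# Constructed entries (the thread gives no addressing): Site B = 10.20.0.0/24,
# customer = 10.30.0.0/24, Site A = 10.10.0.0/24. One inbound ACL per routed
# VLAN interface at Site A, in "action ip src wildcard dst wildcard" form.
ACL_IN = {
    "vlan_site_b": [
        "deny ip 10.20.0.0 0.0.0.255 10.30.0.0 0.0.0.255",
        "permit ip any any",
    ],
    "vlan_customer": [
        "deny ip 10.30.0.0 0.0.0.255 10.20.0.0 0.0.0.255",
        "permit ip any any",
    ],
}


def _take(tokens):
    """Consume one address spec ('any' or 'addr wildcard'); return a network."""
    if tokens[0] == "any":
        tokens.pop(0)
        return ipaddress.ip_network("0.0.0.0/0")
    addr, wildcard = tokens.pop(0), tokens.pop(0)
    return ipaddress.ip_network(f"{addr}/{wildcard}")  # hostmask form is accepted


def permitted(entries, src, dst):
    """First-match evaluation; a packet matching no entry hits the implicit deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for entry in entries:
        action, _proto, *rest = entry.split()
        src_net, dst_net = _take(rest), _take(rest)
        if s in src_net and d in dst_net:
            return action == "permit"
    return False


def check_policy(acls):
    """Return the routing decision for each flow the thread cares about."""
    b, cust, a = "10.20.0.5", "10.30.0.9", "10.10.0.1"  # constructed hosts
    return {
        "b_to_customer": permitted(acls["vlan_site_b"], b, cust),
        "customer_to_b": permitted(acls["vlan_customer"], cust, b),
        "b_to_a": permitted(acls["vlan_site_b"], b, a),
        "customer_to_a": permitted(acls["vlan_customer"], cust, a),
    }


if __name__ == "__main__":
    for flow, ok in check_policy(ACL_IN).items():
        print(f"{flow}: {'permit' if ok else 'deny'}")
```

The model covers only traffic routed between VLANs at Site A; it says nothing about frames that reach both sites within one shared layer 2 segment on the carrier side.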