Switches, Hubs, and Modems
cancel
Showing results for 
Search instead for 
Did you mean: 

VLAN and 802.1q

Héhé
Occasional Visitor

VLAN and 802.1q

Hi,

My switch : Procurve 3400 cl
I tried to configure my network like this:

VLAN 1 untagged 1-22
VLAN 10 untagged 24

VLAN 1 tagged 23
VLAN 10 tagged 23

On port 23 is connected my web server and have to be access by all PCs.

Is this configuration is good ?

Have you a NIC to recommend?

Thanks all
7 REPLIES
OLARU Dan
Trusted Contributor

Re: VLAN and 802.1q

Probabily the NIC of your webserver does not understand 802.1Q tagging, so you might want to have port 23 untagged in one of the VLANs. In order for all PCs to see the server, start IP routing in the switch, after assigning IP addresses to its VLAN interfaces. You might want to use different IP subnets in different VLANs. Why do you need two VLANs?
Héhé
Occasional Visitor

Re: VLAN and 802.1q

I need two VLAN because my company will share their building whith other company and this company must access to our server but not to our PCs.
The ip adress of this server must be the same in the two network (require by software installed)

Jonathan Axford
Trusted Contributor

Re: VLAN and 802.1q

If the two companies both need access to a 'Central' server, could you make another VLAN specifically for the server?

You would have to have 3 seperate IP subnets, enable IP routing as mentioned.

If you wanted to have the server using 2 different IP addresses, you could think about dual homing it and having one interface in each VLAN.
Where there is a will there is a way...
Héhé
Occasional Visitor

Re: VLAN and 802.1q

I want my server use single address on the same subnet.

I don't understand that create 2 VLAN and share 1 server is so complicated

Nobody have a simple solution?

Thank you
Paulen
Regular Advisor

Re: VLAN and 802.1q

Hi!

I did exactly what you try to do - with success. There are several NICs that provide support for 802.1q - I take it you want to do this in Windows? Then you have to use the NIC's software. I am pretty sure I did this on an Intel Pro NIC. Under Linux this is quite easy.
OLARU Dan
Trusted Contributor

Re: VLAN and 802.1q

Suppose that VLAN1 is used for the internal LAN, and VLAN10 is used for PCs of the other company. Untag port 23 (the server) in VLAN1 - so your server will be in the internal LAN. Assign IP addresses to the VLAN interfaces. Define inbound and outbound Access Control Lists and apply them "in" and "out" (so that the other company's PCs can only reach the server, and the other ACL should permit only responses from the server to the other company's PCs) to the corresponding VLAN interface. Start IP routing.
Héhé
Occasional Visitor

Re: VLAN and 802.1q

Ok, I'll do that

thank you