Creating Subnets, DHCP Relay, Catalyst 6000, PIX, Catalyst 2948/2924

Discussion in 'Cisco' started by cruz@hnu.edu, Feb 8, 2007.

  1. Guest

    Hello All,

    Fairly new to Cisco administering here and need some guidance on
    segmenting traffic on our flat network.

    Scenario:

    Internet
    Cisco 1800 router
    PIX
    Catalyst 6000
    Catalyst 2948 and 2924

    We're in a W2k3 environment with a dedicated DHCP server and one
    scope.

    Currently the dorm users patch into a Cat2948 or Cat2924 for internet
    access. These users get their IP address from the DHCP server.

    Goal:

    We'd like to separate or segment users in the dorm onto a different
    subnet. I'm thinking that this can be achieved by creating Vlans for
    the dorms, set the cat29xx's up as a DHCP relay, then create a new
    scope within DHCP for these vlans.

    >From what I see on google groups this can be done. However, I don't

    know where to begin or how to achieve this. Can anyone give me some
    guidance on this and\or point me to good documenation?

    Thanks all!
     
    , Feb 8, 2007
    #1
    1. Advertising

  2. stephen Guest

    <> wrote in message
    news:...
    > Hello All,
    >
    > Fairly new to Cisco administering here and need some guidance on
    > segmenting traffic on our flat network.
    >
    > Scenario:
    >
    > Internet
    > Cisco 1800 router
    > PIX
    > Catalyst 6000
    > Catalyst 2948 and 2924
    >
    > We're in a W2k3 environment with a dedicated DHCP server and one
    > scope.
    >
    > Currently the dorm users patch into a Cat2948 or Cat2924 for internet
    > access. These users get their IP address from the DHCP server.
    >
    > Goal:
    >
    > We'd like to separate or segment users in the dorm onto a different
    > subnet. I'm thinking that this can be achieved by creating Vlans for
    > the dorms, set the cat29xx's up as a DHCP relay, then create a new
    > scope within DHCP for these vlans.


    DHCP relay happens at the subnet border, and a Cat 29xx doesnt route - so
    doesnt need to do DHCP relay.

    If your Cat 6k has L3 in it, then you should set up the DHCP relay there.

    I havent done this for a long time, so dont remember the exact commands -
    but the cisco web site has a good search engine and should find examples
    there.

    dont forget to add a scope per subnet to the DHCP server, or nothing is
    going to work.....
    >
    > >From what I see on google groups this can be done. However, I don't

    > know where to begin or how to achieve this. Can anyone give me some
    > guidance on this and\or point me to good documenation?
    >
    > Thanks all!
    >

    --
    Regards

    - replace xyz with ntl
     
    stephen, Feb 8, 2007
    #2
    1. Advertising

  3. Peter Guest

    Greetings,

    > Scenario:
    >
    > Internet
    > Cisco 1800 router
    > PIX
    > Catalyst 6000
    > Catalyst 2948 and 2924
    >
    > We're in a W2k3 environment with a dedicated DHCP server and one
    > scope.
    >
    > Currently the dorm users patch into a Cat2948 or Cat2924 for internet
    > access. These users get their IP address from the DHCP server.
    >
    > Goal:
    >
    > We'd like to separate or segment users in the dorm onto a different
    > subnet. I'm thinking that this can be achieved by creating Vlans for
    > the dorms, set the cat29xx's up as a DHCP relay, then create a new
    > scope within DHCP for these vlans.
    >
    > >From what I see on google groups this can be done. However, I don't

    > know where to begin or how to achieve this. Can anyone give me some
    > guidance on this and\or point me to good documenation?


    The basic steps you will need are -
    1. Build the new DHCP scope on the server.
    2. Enable layer 3 routing between the new Segments. Note that your
    6500 would need Layer 3 capability for this.
    3. Enable DHCP relay on the 2848/24 that has the new IP segment,
    pointing it at the DHCP Server.

    I assume steps 1 & 2 are pretty straight forward for you, and for step
    3, search the Cisco Web site for "Configuring DHCP Relay".

    Cheers..............pk.

    --
    Peter from Auckland.
     
    Peter, Feb 9, 2007
    #3
  4. Guest

    Thanks guys. This is helpful. STep 1 is straightforward indeed.
    Step 2 is unclear to me how to achieve but I'll reach out to cisco
    documentation for scripting.


    On Feb 9, 1:10 pm, "Peter" <> wrote:
    > Greetings,
    >
    >
    >
    >
    >
    > > Scenario:

    >
    > > Internet
    > > Cisco 1800 router
    > > PIX
    > > Catalyst 6000
    > > Catalyst 2948 and 2924

    >
    > > We're in a W2k3 environment with a dedicated DHCP server and one
    > > scope.

    >
    > > Currently the dorm users patch into a Cat2948 or Cat2924 for internet
    > > access. These users get their IP address from the DHCP server.

    >
    > > Goal:

    >
    > > We'd like to separate or segment users in the dorm onto a different
    > > subnet. I'm thinking that this can be achieved by creating Vlans for
    > > the dorms, set the cat29xx's up as a DHCP relay, then create a new
    > > scope within DHCP for these vlans.

    >
    > > >From what I see on google groups this can be done. However, I don't

    > > know where to begin or how to achieve this. Can anyone give me some
    > > guidance on this and\or point me to good documenation?

    >
    > The basic steps you will need are -
    > 1. Build the new DHCP scope on the server.
    > 2. Enable layer 3 routing between the new Segments. Note that your



    > 6500 would need Layer 3 capability for this.
    > 3. Enable DHCP relay on the 2848/24 that has the new IP segment,
    > pointing it at the DHCP Server.
    >
    > I assume steps 1 & 2 are pretty straight forward for you, and for step
    > 3, search the Cisco Web site for "Configuring DHCP Relay".
    >
    > Cheers..............pk.
    >
    > --
    > Peter from Auckland.- Hide quoted text -
    >
    > - Show quoted text -
     
    , Feb 9, 2007
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. gani

    ACL on 2948-L3

    gani, Apr 1, 2004, in forum: Cisco
    Replies:
    2
    Views:
    500
    Steinar Haug
    Apr 1, 2004
  2. Tejinashi

    vlans on 2948

    Tejinashi, Apr 4, 2006, in forum: Cisco
    Replies:
    2
    Views:
    512
    Peter
    Apr 5, 2006
  3. Vimokh
    Replies:
    3
    Views:
    5,712
    Vimokh
    Sep 6, 2006
  4. Michael Mueller

    Debug UDP Packets on Cisco 2948 with CatOS

    Michael Mueller, Dec 20, 2006, in forum: Cisco
    Replies:
    0
    Views:
    1,085
    Michael Mueller
    Dec 20, 2006
  5. Replies:
    4
    Views:
    1,438
    Trendkill
    Aug 29, 2008
Loading...

Share This Page