Subnet & VLAN question

I've got a switch that setup 4 subnets.
10.1.1.0/24
10.1.2.0/24
10.1.3.0/24
10.1.4.0/24

In my AD server, I have setup DHCP and the gateway for DHCP addresses is
pointing to .1 of each subnet. eg. 10.1.1.0/2's gateway is setup to
10.1.1.1 and 10.1.2.0/24's gateway is setup to 10.1.2.1 and so so.

I have assigned the switch to be the gateway for each subnet. Therefore
the switch is 10.1.1.1, 10.1.2.1, 10.1.3.1, and 10.1.4.1
I have a firewall box which the internal address is 10.1.3.2

I need to have all the subnets talk to the firewall box so it can access
the internet. Do I need a route in the switch? is this right setup?
or do I need to make the gateway in DHCP point to the firewall instead?
Any suggestions or better solution is appreciated..

Thanks
Sean

Is your switch layer3? You need something to route the subnets.

"Sean" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> I've got a switch that setup 4 subnets.
> 10.1.1.0/24
> 10.1.2.0/24
> 10.1.3.0/24
> 10.1.4.0/24
>
> In my AD server, I have setup DHCP and the gateway for DHCP addresses is
> pointing to .1 of each subnet. eg. 10.1.1.0/2's gateway is setup to
> 10.1.1.1 and 10.1.2.0/24's gateway is setup to 10.1.2.1 and so so.
>
> I have assigned the switch to be the gateway for each subnet. Therefore
> the switch is 10.1.1.1, 10.1.2.1, 10.1.3.1, and 10.1.4.1
> I have a firewall box which the internal address is 10.1.3.2
>
> I need to have all the subnets talk to the firewall box so it can access
> the internet. Do I need a route in the switch? is this right setup?
> or do I need to make the gateway in DHCP point to the firewall instead?
> Any suggestions or better solution is appreciated..
>
> Thanks
> Sean

yes, it is.
I assume I need a static route in the switch to route all the subnets,
right?

thanks

Neteng wrote:
> Is your switch layer3? You need something to route the subnets.
>
> "Sean" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
>>I've got a switch that setup 4 subnets.
>>10.1.1.0/24
>>10.1.2.0/24
>>10.1.3.0/24
>>10.1.4.0/24
>>
>>In my AD server, I have setup DHCP and the gateway for DHCP addresses is
>>pointing to .1 of each subnet. eg. 10.1.1.0/2's gateway is setup to
>>10.1.1.1 and 10.1.2.0/24's gateway is setup to 10.1.2.1 and so so.
>>
>>I have assigned the switch to be the gateway for each subnet. Therefore
>>the switch is 10.1.1.1, 10.1.2.1, 10.1.3.1, and 10.1.4.1
>>I have a firewall box which the internal address is 10.1.3.2
>>
>>I need to have all the subnets talk to the firewall box so it can access
>>the internet. Do I need a route in the switch? is this right setup?
>>or do I need to make the gateway in DHCP point to the firewall instead?
>>Any suggestions or better solution is appreciated..
>>
>>Thanks
>>Sean
>
>
>

static routeS or a routing protocol. EIGRP would work just fine. Let me know
if you need a config for it.

"Sean" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> yes, it is.
> I assume I need a static route in the switch to route all the subnets,
> right?
>
> thanks
>
> Neteng wrote:
> > Is your switch layer3? You need something to route the subnets.
> >
> > "Sean" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> >
> >>I've got a switch that setup 4 subnets.
> >>10.1.1.0/24
> >>10.1.2.0/24
> >>10.1.3.0/24
> >>10.1.4.0/24
> >>
> >>In my AD server, I have setup DHCP and the gateway for DHCP addresses is
> >>pointing to .1 of each subnet. eg. 10.1.1.0/2's gateway is setup to
> >>10.1.1.1 and 10.1.2.0/24's gateway is setup to 10.1.2.1 and so so.
> >>
> >>I have assigned the switch to be the gateway for each subnet. Therefore
> >>the switch is 10.1.1.1, 10.1.2.1, 10.1.3.1, and 10.1.4.1
> >>I have a firewall box which the internal address is 10.1.3.2
> >>
> >>I need to have all the subnets talk to the firewall box so it can access
> >>the internet. Do I need a route in the switch? is this right setup?
> >>or do I need to make the gateway in DHCP point to the firewall instead?
> >>Any suggestions or better solution is appreciated..
> >>
> >>Thanks
> >>Sean
> >
> >
> >

Thanks.
I have a OmniSwitch/Router OS/R5 and OmniSwitch/Router OS/R9
I don't think they support EIGRP unless I am wrong.
can you help with the config?

thanks

Neteng wrote:
> static routeS or a routing protocol. EIGRP would work just fine. Let me know
> if you need a config for it.
>
> "Sean" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>
>>yes, it is.
>>I assume I need a static route in the switch to route all the subnets,
>>right?
>>
>>thanks
>>
>>Neteng wrote:
>>
>>>Is your switch layer3? You need something to route the subnets.
>>>
>>>"Sean" <(E-Mail Removed)> wrote in message
>>>news:(E-Mail Removed)...
>>>
>>>
>>>>I've got a switch that setup 4 subnets.
>>>>10.1.1.0/24
>>>>10.1.2.0/24
>>>>10.1.3.0/24
>>>>10.1.4.0/24
>>>>
>>>>In my AD server, I have setup DHCP and the gateway for DHCP addresses is
>>>>pointing to .1 of each subnet. eg. 10.1.1.0/2's gateway is setup to
>>>>10.1.1.1 and 10.1.2.0/24's gateway is setup to 10.1.2.1 and so so.
>>>>
>>>>I have assigned the switch to be the gateway for each subnet. Therefore
>>>>the switch is 10.1.1.1, 10.1.2.1, 10.1.3.1, and 10.1.4.1
>>>>I have a firewall box which the internal address is 10.1.3.2
>>>>
>>>>I need to have all the subnets talk to the firewall box so it can access
>>>>the internet. Do I need a route in the switch? is this right setup?
>>>>or do I need to make the gateway in DHCP point to the firewall instead?
>>>>Any suggestions or better solution is appreciated..
>>>>
>>>>Thanks
>>>>Sean
>>>
>>>
>>>
>
>

I don't know much about the Omniswitch, but I'll try. I'll see if I can find
some info and post back.


"Sean" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> Thanks.
> I have a OmniSwitch/Router OS/R5 and OmniSwitch/Router OS/R9
> I don't think they support EIGRP unless I am wrong.
> can you help with the config?
>
> thanks
>
> Neteng wrote:
> > static routeS or a routing protocol. EIGRP would work just fine. Let me
know
> > if you need a config for it.
> >
> > "Sean" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> >
> >>yes, it is.
> >>I assume I need a static route in the switch to route all the subnets,
> >>right?
> >>
> >>thanks
> >>
> >>Neteng wrote:
> >>
> >>>Is your switch layer3? You need something to route the subnets.
> >>>
> >>>"Sean" <(E-Mail Removed)> wrote in message
> >>>news:(E-Mail Removed)...
> >>>
> >>>
> >>>>I've got a switch that setup 4 subnets.
> >>>>10.1.1.0/24
> >>>>10.1.2.0/24
> >>>>10.1.3.0/24
> >>>>10.1.4.0/24
> >>>>
> >>>>In my AD server, I have setup DHCP and the gateway for DHCP addresses
is
> >>>>pointing to .1 of each subnet. eg. 10.1.1.0/2's gateway is setup to
> >>>>10.1.1.1 and 10.1.2.0/24's gateway is setup to 10.1.2.1 and so so.
> >>>>
> >>>>I have assigned the switch to be the gateway for each subnet.
Therefore
> >>>>the switch is 10.1.1.1, 10.1.2.1, 10.1.3.1, and 10.1.4.1
> >>>>I have a firewall box which the internal address is 10.1.3.2
> >>>>
> >>>>I need to have all the subnets talk to the firewall box so it can
access
> >>>>the internet. Do I need a route in the switch? is this right setup?
> >>>>or do I need to make the gateway in DHCP point to the firewall
instead?
> >>>>Any suggestions or better solution is appreciated..
> >>>>
> >>>>Thanks
> >>>>Sean
> >>>
> >>>
> >>>
> >
> >

Can you post a link to the product? I don't see that model.

"Sean" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> Thanks.
> I have a OmniSwitch/Router OS/R5 and OmniSwitch/Router OS/R9
> I don't think they support EIGRP unless I am wrong.
> can you help with the config?
>
> thanks
>
> Neteng wrote:
> > static routeS or a routing protocol. EIGRP would work just fine. Let me
know
> > if you need a config for it.
> >
> > "Sean" <(E-Mail Removed)> wrote in message
> > news:(E-Mail Removed)...
> >
> >>yes, it is.
> >>I assume I need a static route in the switch to route all the subnets,
> >>right?
> >>
> >>thanks
> >>
> >>Neteng wrote:
> >>
> >>>Is your switch layer3? You need something to route the subnets.
> >>>
> >>>"Sean" <(E-Mail Removed)> wrote in message
> >>>news:(E-Mail Removed)...
> >>>
> >>>
> >>>>I've got a switch that setup 4 subnets.
> >>>>10.1.1.0/24
> >>>>10.1.2.0/24
> >>>>10.1.3.0/24
> >>>>10.1.4.0/24
> >>>>
> >>>>In my AD server, I have setup DHCP and the gateway for DHCP addresses
is
> >>>>pointing to .1 of each subnet. eg. 10.1.1.0/2's gateway is setup to
> >>>>10.1.1.1 and 10.1.2.0/24's gateway is setup to 10.1.2.1 and so so.
> >>>>
> >>>>I have assigned the switch to be the gateway for each subnet.
Therefore
> >>>>the switch is 10.1.1.1, 10.1.2.1, 10.1.3.1, and 10.1.4.1
> >>>>I have a firewall box which the internal address is 10.1.3.2
> >>>>
> >>>>I need to have all the subnets talk to the firewall box so it can
access
> >>>>the internet. Do I need a route in the switch? is this right setup?
> >>>>or do I need to make the gateway in DHCP point to the firewall
instead?
> >>>>Any suggestions or better solution is appreciated..
> >>>>
> >>>>Thanks
> >>>>Sean
> >>>
> >>>
> >>>
> >
> >

Sean,
Just set up a static route on your L3 switch that points 0.0.0.0/0 to your
firewall (10.1.3.2) and set a route (or multiple routes) on your firewall
for your IP blocks you are running inside. Easiest would be to have a
static route on the firewall that says 10.0.0.0 255.0.0.0 (all 10.x.x.x
addresses should go to) -> 10.1.3.1 (the switch)
Just make sure that your L3 switch has got routing turned on - it should be
mentioned somewhere in your manual on how to do that.

Regards,
Ed Horley

"Sean" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
>
> yes, it is.
> I assume I need a static route in the switch to route all the subnets,
> right?
>
> thanks
>
> Neteng wrote:
>> Is your switch layer3? You need something to route the subnets.
>>
>> "Sean" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>
>>>I've got a switch that setup 4 subnets.
>>>10.1.1.0/24
>>>10.1.2.0/24
>>>10.1.3.0/24
>>>10.1.4.0/24
>>>
>>>In my AD server, I have setup DHCP and the gateway for DHCP addresses is
>>>pointing to .1 of each subnet. eg. 10.1.1.0/2's gateway is setup to
>>>10.1.1.1 and 10.1.2.0/24's gateway is setup to 10.1.2.1 and so so.
>>>
>>>I have assigned the switch to be the gateway for each subnet. Therefore
>>>the switch is 10.1.1.1, 10.1.2.1, 10.1.3.1, and 10.1.4.1
>>>I have a firewall box which the internal address is 10.1.3.2
>>>
>>>I need to have all the subnets talk to the firewall box so it can access
>>>the internet. Do I need a route in the switch? is this right setup?
>>>or do I need to make the gateway in DHCP point to the firewall instead?
>>>Any suggestions or better solution is appreciated..
>>>
>>>Thanks
>>>Sean
>>
>>

"Sean" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> I have a OmniSwitch/Router OS/R5 and OmniSwitch/Router OS/R9
> I don't think they support EIGRP unless I am wrong.
> can you help with the config?

With only two "routers" there is no need for any Routing Protocols, but you
could keep it simple and use RIP, but I dont' think you need it, you have a
"simple" situation.
All Clients set the Default Gateway to the "router" that is their own
subnet.
One of the "routers" will use the Internet Sharing Device as the Default
Gateway.
The other router uses the other router as the gateway

Example:

A. Router1 points to Router2 as the Default Gateway
B. Router2 points to the Internet Sharing Device
C. Internet Sharing Device points to the ISP's Router as the Default
Gateway,..but points to Router2 (static route) for any subnets located on
the opposite side of Router2 (which includes anything opposite Router1).
D. Clients point to the router interface that directly faces them as thier
Default Gateway.

--
Phillip Windell [MCP, MVP, CCNA]
www.wandtv.com
-----------------------------------------------------
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/IS...cessRules.html

Microsoft Internet Security & Acceleration Server: Guidance
http://www.microsoft.com/isaserver/t...dance/2004.asp
http://www.microsoft.com/isaserver/t...dance/2000.asp

Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.asp

Deployment Guidelines for ISA Server 2004 Enterprise Edition
http://www.microsoft.com/technet/pro...isaserver.mspx
-----------------------------------------------------