Networking
VLAN Configuration
VLAN Configuration
Cisco SA 500 Series Security Appliances Administration Guide
The security appliance supports Virtual LANs (VLANs), which allow you to
segregate the network into LANs that are isolated from one another. The default
configuration provides for a data VLAN and a voice VLAN, which can be treated
like two separate networks.
You can change the settings for the default VLANs, and you can add new VLANs,
for up to a total of 16 VLANs. For example, if you need a guest network for visitors
to your site, you can create new VLAN. Any PC that is connected to the specified
LAN port is on a separate VLAN and cannot access other VLANs, unless you
enable inter VLAN routing.
Refer to the following topics:
•
Default VLAN Settings, page 77
•
Enabling or Disabling VLAN Support, page 78
•
Creating VLAN IDs, page 79
•
Assigning VLANs to LAN Ports, page 80
Default VLAN Settings
By default, the data VLAN and the voice VLAN are enabled with the following
settings:
•
Data VLAN: The VLAN is enabled with the VLAN ID 1
-
VLAN - Data, VLAN Number (untagged packets): 1
-
VLAN - Data, IP Address: See Product Tab
-
VLAN - Data, IP Address Distribution: DHCP Server
-
VLAN - Data, Start IP Address: 192. 1 68.75.50 (assuming LAN IP address
is 192. 1 68.75. 1 )
-
VLAN - Data, End IP Address: 192. 1 68.75.254 (assuming LAN IP address
is 192. 1 68.75. 1 )
-
VLAN - Data, Subnet Mask: 255.255.255.0
-
VLAN - Data, Lease Time in Minutes: 1440 (24hours)
-
Lease Time in Minutes: 1440 (24hours)
3
77