Question : Vlans and routers

Ok we are looking to segment off the user base from our network.  We want to do this with vlans.  Our current network is as follows:
servers sit on 172.16.1.x network.
Users will go on 172.16.10.x network.

I am setting up a test router a 2811 and a test switch a 2950 48 port.

I want to setup a test work station with the IP address 172.16.10.10 and I want it to talk to the servers at 172.16.1.x and get out to the internet.   I have never setup vlans before so this is all new to me.

Thanks

Answer : Vlans and routers

You have 2 options with the router.
Use vlan sub-interfaces, or plug one FastEthernet port into each vlan...

Option 1
Router:

 interface fast 0/0
  description VLAN1
  ip address 172.16.1.254 255.255.255.0

 interface fast 0/0.2
  encap dot1q 2
  description vlan2
  ip address 172.16.10.1 255.255.255.0

ip route 0.0.0.0 0.0.0.0 172.16.1.1  <== assuming that this is the current DG/Firewall

Switch:
vlan2
interface vlan 1
 ip add 172.16.1.253 255.255.255.0
interface fast 0/23
 descript uplink to 2811 router
 switchport mode trunk


OPTION2. Each FA interface of router connected to switch.

Router:
 interface fast 0/0
   Descript VLAN1
   ip add 172.16.1.254 255.255.255.0
 interface fast 0/1
  Descript VLAN2
   ip add 172.16.10.1 255.255.255.0
 ip route 0.0.0.0 0.0.0.0 172.16.1.1

Switch:
 vlan 2

 interface Fast 0/23
  Description VLAN1 to router FA 0/0
  switchport mode access
  spanning-tree porfast
 switchport access vlan1
 
interface Fast 0/24
  Description VLAN2 to router FA 0/1
  switchport mode access
   spanning-tree portfast
   switchport access vlan 2

NOTE: be sure that the DG for all hosts on both networks is the VLAN L3 interface (router interface - either physical or logical)