Cisco :: 3750 - How To Make Interface VLan
Mar 19, 2012
i have linksys modem which already working for different v lans then for lab we take other switch 3750 switch and created different v lans. v lans are working fine but we need internet for different v lans for that linksys modem how we can make interface V lan1/
ip address 10.1.1.10 255.255.255.0
ip default- gateway 10.1.1.1
no sh
interface Vlan10
ip address 10.1.2.1 255.255.255.0
no ip route-cache
!!interface Vlan20
ip address 10.1.3.1 255.255.255.0
ip route 0.0.0.0 0.0.0.0 10.1.1.1
ip dhcp pool vlan10
network 10.1.2.0 255.255.255.0
default-router 10.1.2.1
dns-server 10.1.1.1
!
!ip dhcp pool vlan20 network 10.1.3.0 255.255.255.0 default-router 10.1.3.1 dns-server 10.1.1.1
View 1 Replies
ADVERTISEMENT
Feb 7, 2013
Currently have two routers inside our network.
One is the default GW 10.1.1.13
One is Jump Router for ATT 10.1.1.12
Both connected to HP Procurve L2 switch
The ATT Router is 10.1.1.2Want to replace GW and Jump with one 3750 L3 switch.icomplish this with only one port g0/1 connected to HP Procurve?Can I make the switchport 10.1.1.13 and then create a ip vlan999 10.1.1.12?route all to 10.1.1.2Or do I just connect two ports, and hardcode them with an ip?
View 1 Replies
View Related
Dec 12, 2012
Cannot set route map on interface vlan. which in non default vrf on Cisco 3750.IOS c3750-ipservicesk9-mz.122-55.SE.bin sdm prefer route in enable ip vrf users rd 200:0 route-target export 200:0 route-target import 200:0 interface Vlan201 description Users 1 ip vrf forwarding users ip address 10.31.76.1 255.255.252.0 ip helper-address 10.31.4.57 route-map fromuser permit 10 match ip address fromuser set ip next-hop 10.31.128.155 When I enter "ip policy route-map fromuser" to interface Vlan 201 I heve the message:
% Remove VRF configuration from interface Vlan201 first
View 5 Replies
View Related
Mar 13, 2013
I have configured a vlan interface on a 3750 switch. there is aprox 4Mb active traffic flowing through the interface, but when I do a "show interface vlan (vlanid)" the output show zero bits in and zero bits out. Its a typical L3 config with one IP on the vllan interface acting as the gateway for the VLAN devices. Is this a normal behaviur ? and if so is there any way to get the traffic in/out stats. The end PC/devices are connected to this switch via an L2 TRUNK and I dont have access to the L2 switch on which the actual devices connect. so cant get the real time stats of those interfaces.
View 2 Replies
View Related
Jan 10, 2013
I have two networks at two sites with a dot1q trunk between the two L3 switches at both sites (no routers involved)
SITE A - Cisco 3750 L3 - VLAN ID 50
10.10.50.0/24
SITE B - Cisco 3750 L3 - VLAN ID 50
10.20.50.0/24
I would like to extend the SITE A VLAN to SITE B so that I can move hosts from SITE A to SITE B without needing to change their IP address but the vlan ID is already in use. Obviously the easy solution is to change the VLAN ID for one or other of the sites but both sites contain hosts that run 24/7. Is there a way to join two VLANs with different IDs together.So for example I create a new VLAN 60 at SITE B and associate it with VLAN 50 at SITE A.
View 4 Replies
View Related
Nov 20, 2012
We have a low bandwith (15-20 Mbit/s) to the ASA from our Client vlan. If i connect the Client to the same vlan as the ASA is, the bandwith (90 Mbit/s) is good.
Here are the Layer 3 Design:
Client -> vlan 2 - Switch - vlan 7 -> vlan 1 - ASA 5505 -> ISP
The Layer 2 Design:
Client -> Gig2/0/13 - Switch - Gig4/0/43 -> Eth0/1 ASA5505 -> ISP
IP Address:
Client: 172.16.2.10Vlan2: 172.16.2.1Vlan7: 172.16.7.1ASA: 172.16.7.2
I assuming the switch has a problem with routing ?It is a stacked Switch with following members:
switch 1 provision ws-c3750g-12sswitch 2 provision ws-c3750g-24tsswitch 3 provision ws-c3750g-24tsswitch 4 provision ws-c3750x-48
And we have following error message in the log from the switch:
%PLATFORM_UCAST-4-PREFIX:
One or more specific prefixes could not be programmed into TCAM and are being covered by a less specific prefix, and the packets may be software forwarded I first get the idea that the switch is overloaded with router traffic. Thats why i assuming i have to check the sdm templates, but i'm not sure if this resolves the issue.
Here are the relevant config:
ASA Interface on the Switch:
interface GigabitEthernet4/0/43description ASA-inside LANswitchport access vlan 7switchport mode accessspanning-tree portfast
Client Interface on the Switch:
interface GigabitEthernet3/0/1switchport access vlan 2switchport mode accessswitchport port-securityswitchport port-security aging time 2switchport port-security violation restrictswitchport port-security aging type inactivitymacro description cisco-desktopspanning-tree portfastspanning-tree bpduguard enable
[code]...
View 2 Replies
View Related
Nov 21, 2012
i'm going mad on following problem. I'm trying to get 2 networks seeing each other while one of the network is a non VLAN network and the other one is a VLAN network.They should use the same interface so i added VLAN e0/0.122 to the interface e0/0.Send a ping from my asa to both gw-IP's made me happy at first. In second in figured out that i cannot reach any client in the other network. For testing purpose i created an permit acl to any/any for both networks, but the packets still get dropped by the default implicit rule. (deny any/anyMaybe i'm to stupid for this
View 10 Replies
View Related
Jan 21, 2013
Any example, tested on 3750-24/48TS and 3750G-24TS to remove the fan to make the switch more silent. I'm not interested in replies telling that is risky, I'm interested to know how is the switch acting. Has shutdown at overheating? I will use the switches only for my CCIE studies, a couple of hours per day, no heavy load.
I tested with 2950 switches are there were absolutely no problems, the devices were even in production.
View 1 Replies
View Related
Aug 15, 2011
I am into creating a new VLAN, what I have missed in the setup / configuration. I have multiple Cisco switches, the VLAN is configured on a 3750. My attempt was to place the VLAN on one port (as concept) and work from there - - so it is on 2-02 of my main Cisco stack. The new VLAN is 220 - Printer. My present IP scope is 192.168.200.x - running out of addresses - trying to add 192.168.220.x. on VLAN 220 to relieve some pressure - -- Most I can do is ping the VLAN IP - 192.168.220.1 and that resolves - - but if I attach a networked device with a 192.168.220.x address - - cannot get there..
Here is the switch info...
version 12.2
parser config cache interface
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime
service timestamps log datetime localtime
service password-encryption
[code]....
View 6 Replies
View Related
Dec 5, 2011
We have a 3750 which has a few vlans configured. One Vlan is for public access wifi and another for our security system (door access, cameras, etc.). I don't want the public wifi vlan to access the security system vlan. How can I accomplish this in the 3750?
View 4 Replies
View Related
Oct 24, 2011
I have a rather large network with multiple VLANs and routing. Here's the layout:
5540 subinterface = gi0/2.18 = 10.16.18.1/24 TRUNKED to a 2960
2960 has an interface set to VLAN 18 (no IP) goes to a Cisco 4507 with an int. set to VLAN 18 (no IP)
4507 then has a trunk to a Cisco 7206
7206 then trunks to a Cisco 3845
3845 trunks to a 3750 (single)
3750 (single) trunks to a 3750 Stack
3750 Stack has int. set to VLAN 18 that goes to a 3750(lab) w/ int set to VLAN 18 w/ IP 10.16.18.251/24, VLAN502 = 10.202.255.1/30,
VLAN510 = 10.203.255.1/30
3750(lab) then has a trunk that connects to ASA 5510 w/ subinterfaces: e0/1.18 = 10.16.18.253/24, e0/1.510 = 10.203.255.2/30, e0/1.502 = 10.202.255.2/30
ASA5510 then goes to Internet
Any trunks are set to allow all VLANs. From the 2960 to the 3750 stack it's obviously all Layer 2 with trunking.
Issue:If I sit at the 5540, I can ping 10.16.18.251 and .253 with no problems. I can also ping 10.203.255.1 with no problems. Problem is that I cannot get to the other subinterfaces on the 5510 for VLANs 502 and 510. How do I ensure that my trunk is set up right? I have a route in the 5540 pointing to the 10.203 and 10.202 using the 10.16.18.251 address. It seems like a traceroute gets to the 10.16.18.251 address but then it stops. What route should be on the 5510 to make sure it gets back? The default route on the 5510 points to the Outside. I think it's something to do with the trunk that's just something I don't understand yet.
5510:
show int ip bri:
Ethernet0/1.18 10.16.18.253 YES manual up up
Ethernet0/1.502 10.202.255.2 YES manual up up
Ethernet0/1.510 10.203.255.2 YES manual up up
[code]....
View 7 Replies
View Related
Dec 18, 2011
I have Cisco router 851 at my region site. It has five Fa ports. One of them is connected to ISP and has ip address 10.1.1.2 (for example). It also has vlan 1 interface, that has ip address 192.168.0.1 (also for example). I also have Tun0 interface that goes through ISP network and connects to my hub network. The rest of Fa interfaces are swithcable and they are in vlan 1.The problem is that from hub LAN I can telnet to 10.1.1.2 ip address, but I can't telnet to 192.168.0.1. Whereas I can Ping 192.168.0.1 from my hub LAN.
Topology:
Hub LAN -------ISP---------Spoke Router 851
View 8 Replies
View Related
Oct 18, 2012
How to configure internet access for different VLANs in cisco 3750 switc,ISP connection directly connecting to 3750 ,3750 have 18 VLANs
View 9 Replies
View Related
May 4, 2012
Scenario: I have a vmserver w four virtual servers all in configured w in different subnets. What's the best way to configure a 3750-x switch to route traffic from the virtual servers to their vlans?
View 2 Replies
View Related
Feb 7, 2011
I have cisco switch model WS-C3750G-12S-D. It is in transparent mode. I am getting below error message when tried to create new vlan.
Proposed configuration exceeds the limit of 1005 VLANs that can be supported on this platform. Reduce the number of VLANs proposed to be within this limit.
After deleting few unnecessary vlans, it allowed me to create.
3750#sh vtp statusVTP Version : running VTP1 (VTP2 capable)Configuration Revision : 0Maximum VLANs supported locally : 1005Number of existing VLANs : 959VTP Operating Mode : TransparentVTP Domain Name : VTP Pruning Mode : DisabledVTP V2 Mode : DisabledVTP Traps Generation : DisabledMD5 digest : 0xBC 0xA7 0xEC 0xDE 0x36 0x6C 0x61 0xB4 Configuration last modified by 97.193.17.172 at 0-0-00 00:00:00
I confused with terms 'maximum supported vlans' and 'maximum locally supported vlans'. If switch is supporting vlans 1-4094 means it should also allow to create locally. Otherwise how they will pass through the switch trunks without local creation.
View 1 Replies
View Related
Dec 14, 2011
I am working on the exact same configuration as noted here [URL] that uses subinterfaces on the asa. I have two interfaces on my stacked 3750's configured as trunk ports (primary ASA on primary 3750 stack member, secondary ASA on secondary 3750 stack member).
My questions is what should the DG be configured on the 3750. Can I keep the 3750 in L2 or will I have to enable L3 routing? Should the VLAN interfaces be configured.
The port that the ASA is configured with has 3 subinterfaces on VLAN 100, 200, and 300.
The subinterfaces are G0/2.100, G0/2.200, and G0/2.300.I am in the middle of converting from 3 separate DMZ switches, each attached to their own port on the asa which is their default gateway to one physical port on the ASA broken into 3 subinterfaces which then connect to stacked 3750's. The stack will then have the 3 separate DMZs in actual separate VLANs.
My goal is to leave the default gateway for each dmz on the ASA so I don't have to modify other areas of the ASA config.
View 1 Replies
View Related
Dec 18, 2011
Lets say I have the following topology.
DataCenter<---Etherchannel(2)-->BuildingB<---Etherchannel(2)--->BuildingA
There arer 3 stacks of 3750 at each building. The core switch/router in our network is at location B. The way it was originally setupis every L3 device has an ip address for each lan. So let's say we have VLAN 200 withnetwork 192.168.200.0/24. The DataCenter would be assigned (192.168.200.3), Building B would be assigned (192.168.200.1), and Building A would be assigned (192.168.200.2). I'm configuring the DC and BA to be L2 only and Building B to be the only real router in the network besides a few ASAs. When I ran a 'no ip address' on the vlan interface on Building A, the internet connectivity for 192.168.200.0 dies, but local connectivity is fine. After doing some research and troubleshooting, I found out that if I set the next hop on the ASA for the local networks for an IP address on building B everything works perfectly.
The way the routes on the ASA are setup for local networks are as follows.
All local networks have ip route localnetwork mask x.110.215.17. This address is the IP address of the inside interface on the ASA. Now, when I kill the IP address on the vlan interface on Building A internet connectivity goes down, while the next hop is still pointed to this address, BUT if I give it a next hop of the vlan interface ip address on B everything works fine. Now, I can easily fix this, I was just wondering why this is happening?
View 1 Replies
View Related
Sep 6, 2011
I have just started to discover the power of EEM and am already monitoring config changes on our switches with EEM.I would like to be notified of any interface going up and possibly down. on our 6509's and 3750's This is just to be aware of anyone patching anything in.
View 1 Replies
View Related
Jun 20, 2011
Does backup interface is supported on ASR?
interface GigabitEthernet0/2/1
description 3750_Stack_1
backup interface GigabitEthernet0/2/2
ip address 100.50.50.242 255.255.255.248
View 7 Replies
View Related
Apr 26, 2011
I have 3750 switch and there are couple of vlans.....i dont want to run the instance on all vlans....so i have decided that i will run passive intreface default command....now my lan link is layer three and i want to run eigrp on that so the command shd be as under?
no passive interface default interface gig1/0/10
no passive interface default interface gig1/0/22
(as i have 2 conections) and want to have two neibours.
View 2 Replies
View Related
Jan 12, 2013
How to apply access list on Vlans ?
my Scenario is
13 Vlans in cisco 3560 switch (Vlan 10,20,30........ 130)
vlan 10 ---- ip range 192.168.10.0/24 interface vlan 10 ip add : 192.168.10.1
vlan 20 ---- ip range 192.168.20.0/24 interface vlan 20 ip add : 192.168.20.1
here i want to block vlan 10 access to vlan 20 i created extended access list deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
and applied in interface vlan 10 as out now i cant able to access any host in vlan 20 (host 192.168.20.1) but i can able ping vlan 20's gateway 192.168.20.1
View 3 Replies
View Related
Dec 7, 2010
I am trying to roll out a new internet router. The problem I am faced with is the LEC only supports VLAN 1227 and greater, specifically they are assigning me VLAN 2528. I am able to create the sub-interface and setup dot1q encapsulation for VLAN 2528, but the vlan database does not have the ability to add VLAN 2528 to it so I am unable to get layer 2 up and going, thus preventing me from getting the implementation done.
View 11 Replies
View Related
Apr 22, 2013
Actually I am new to this ASR , in my environment my 6513 is connected ASR , I want to know how can we access and configure VLAN on Gigabit interface which is connected to 6513.
View 9 Replies
View Related
Aug 9, 2012
I'm trying to set up a Guest VLAN for wireless at a client site, and I feel like I'm missing something small in the configuration, since I can't ping any of the VLAN interfaces from my laptop when the address is statically set to something in the 172.20.100.x range.
I've pasted the configs for the ASA 5505 and the 6 switches below for convenience. Near as I can tell, all should be well. The ports are in trunking mode, the "show cdp neighbors" command returns the proper information, VLAN 100 exists on all the switches, etc.
Code:
ASA Version 7.2(4)
!
hostname ASA
domain-name xxxx.local
enable password Cj3LF.ehxXN3xVkxWcxd encrypted
passwd Cj3LF.ehxXN3xVkWcxd encrypted
[Code] ......
View 17 Replies
View Related
Oct 10, 2012
Have a quick question regarding inter-vlan routing on a 3750. Overview of network is ISP --> ASA --> 3750 (acting as my core and default gw). I have 5 vlan interfaces on my 3750, all w/ 192.192.x.x subnets, a 6th w/ 192.168.100.x, and a 7th w/ 192.168.200.x. I have enabled "ip routing" on the switch and can successfully ping from subnet A to subnet B as long as both devices are using the correct DG for their vlan, which is the switch. I have a few ports that are trunked as well that go to ESX hosts which break out the vlans according to the subnet the vm should be attached to. The ASA is set to nat internal traffic for all the vlans.
Now my question: short of applying an ACL to each vlan interface to block traffic from other 192.192.x.x subnets is there a better way to accomplish this? I want my 192.168.10.x subnet to be able to reach all the subnets, but don't want 192.192.10.x to be able to talk to 192.192.20.x for example. I was thinking to create an acl like this:
access-list 120 permit ip 192.192.10.0 0.0.0.255 access-list 120 deny ip 192.192.0.0 0.0.255.255 192.192.10.0 0.0.0.255access-list 120 permit ip any 192.168.100.0 0.0.0.255 192.192.10.0 0.0.0.255
and then applying this to the interface for the appropriate vlan.
View 4 Replies
View Related
Jan 18, 2012
I have one VLAN on a 3750 where I do not see any MAC addresses even though it is in use. This is an unrouted VLAN between a WLC on a port- channel /LAG and an access port to an ASA for guest traffic. When I do a show MAC add I get nothing for VLAN 60 (guest DMZ) but all other VLANs seem to be OK. Spanning tree is not showing TC counters incrementing either.
I also was told when put a port on this VLAN the laptop did not get a DHCP address form the ASA, but the wireless guest clients are working fine. I can see the DHCP leases and ARP entries in the ASA and the ASA ARP in the WLC so some traffic is passing fine. I'm not onsite right now so troubleshooting is all remote which limits some options.
View 4 Replies
View Related
Jul 1, 2012
I have setup both Vlans on 3com and cisco. but it seems they cant talk to each other.ive setup both on trunking mode?
View 6 Replies
View Related
Feb 29, 2012
I have a 3750 switch which has the command 'spanning-tree vlan **'. I am struggling to remove this command, as this particular VLAN is one I want to distribute across our network.I have so far, set the switch to VTP Transparent mode and removed the VLAN from the database, this removes the command. If I then put the switch back to VTP client mode (or manually add the VLAN, while in in VTP transparent mode) then the command comes back. Submitting the command 'spanning-tree vlan **' command has no affect.
View 1 Replies
View Related
Nov 8, 2012
I have 3 VLANs here that need to be on the same network segment. They are going to be used by our Wi-Fi network (with Aironet APs), bound to 3 different SSIDs (as Aironet APs doesnt allow multiple SSID per VLAN), each one with a different authentication method and server.Is there a way to bridge those VLANs together with a Catalyst 3750 switch? I tryed configuring an IP address on one of the VLAN interfaces, then configuring a bridge with the vlan-bridge protocol (Catalyst 3750 doesnt have the "ieee" bridge protocol type) and put all 3 VLAN interfaces on the same bridge-group, but it didnt work (even with "bridge x route ip").I also tryed configuring IRB bridging, with the 3 VLAN interfaces on the same bridge-group and an IP address on the BVI interface (the way I used to do with old 2600 routers). Same result.(actually, I didint test to see if the interfaces are actually being "bridged", but I see neither of them can reach the router)
View 1 Replies
View Related
Apr 24, 2011
One of my VLANS on my 3750 gives a status of act/lshut. I've tried no shut commands on the interface to no avail. From my reading it seems like this means the VLAN is active but shut down locally.
View 8 Replies
View Related
May 16, 2012
We have a need to access an VLAN at the main office( ie Core Switch 6500,switch 3750) from a remote site(Cisco3845 router, Switch3750) connecting by a SP through fibre link.
what is the easiest and quick way to do it and the user from the remote site just want to have access to that VLAN for a couple of days only.
View 6 Replies
View Related
Feb 12, 2004
i want to know if the new Catalyst 3750 Support Private Vlan ?
or any other small Switches
View 3 Replies
View Related
Sep 12, 2012
Cisco 3750 with IP Service Image 12.2.55, Trying to enable Web Authentication on Layer 3 interface:
!
ip auth-proxy name bp_auth_proxy http inactivity-time 60
!
interface GigabitEthernet1/0/5
no switchport
ip address 192.168.1.27 255.255.255.0
ip access-group 101 in
View 1 Replies
View Related
