Cisco Switches :: Routing Between Two Vlans On An SG300 Series Switch
Oct 22, 2011
I've seen lots of posts from people having problems routing traffic between two vlans with some complicated examples. Any simple step-by-step example for an SG300 switch (in layer 3 mode) to configure two vlans and sending traffic between the two vlans without an external router?
-VLAN1 10.10.10.0
-VLAN2 10.10.20.0
I've tried to do this through the GUI and can't seem to make it work. I'm missing something in the GUI.
View 6 Replies
ADVERTISEMENT
Jan 20, 2013
I have a SG300-28P that is our Main VLAN Switch. Though the VLANs that I have on it are there mostly because of our Edge Router and our AP541Ns.We have the Following VLANs defined (Subnets Changed to conseal Piblic IPs) [code]
VLAN200 and VLAN201 come into Our Edge Router and out on a Single GE Port via VLAN Tagged to thje SG300.The SG 300 Splits them out to Untagged Ports and they are connected to Two Firewalls, each with a IP in the 200 and 201 Subnets. The AP510 has the VLAN200, VLAN192 and VLA101 tagged Subnets sent to it. The AP521 has three SSID, each associated with a Paticular VLAN.
This all works fine, though there are a few hidden flaws. Since all of the VLANs are present, both Internal and Public IPs, one could craft packets form one network and use the SG300 as its gateway to the other subnet and Gain Access. How can I isolate the Subnets, so that I can still use the SG300 as a Default Gateway for the 10.1.0.0/16 Network Make it so if someone from the 10.1.0.0/16 netwok accesses the 201.201.201.0/24 Subnet it uses the SG300's 0.0.0.0 0.0.0.0 default router (the Firewall IP) and not the VLAN InterfaceIf somone in the 201, 200, 192 Subnets uses the SG300 as a Gateway and tries to access a 10.1.0.0/16 address it gets blocked.
View 1 Replies
View Related
Feb 20, 2013
Is it possible to configure both Catalyst WS-C2960-24PC-L and Switch Cisco SG300-28 to work together for VLANs for voice and data ? If yes, can you give me the resources which I can refer to ?
View 4 Replies
View Related
Apr 7, 2012
My problem is that I have a Cisco 300 series small business switch with multiple VLANS each one with an IP address and two or three ports assigned to each VLAN. I have an E3200 wireless router that I want to use to use to share internet on the switch. All of the VLANs are reachable from the other VLANs and I've put a static route on the E3200 so that I can reach the VLANs from a machine connected only to the router. But I can't reach machines on the otherside of the router or get to the internet from the switch.
View 3 Replies
View Related
Aug 20, 2012
I'm going to have several SG300-28P switches to setup. I'll need to create multiple vlans for data, voice, and wireless traffic. I have the following questions in setting up this configuration:
VLAN 1 Management
VLAN 100 Data
VLAN 200 Wireless
VLAN 300 Voice
1) For managing the switches via IP, will LAN1 be the default management network? Should I create a seperate VLAN for managing the switches?
2) For uplinking the switches together, I plan to trunk a port to connect the switches together. What's the configuration on the trunk port to forward all vlans from one switch to another?
3) On some ports, I want to configure a trunk for two vlans (Data and Voice) where the phone has a pass through for PC. The phone supports tagging for the PC and the VoIP traffic. For example on port 10, would VLAN 100 and 300 be set to tagged?
View 3 Replies
View Related
Feb 8, 2013
What does "ip routing" do on the CLI on the SG300? When I do this, I see it enables ip forwarding, but there is no mention of this in the CLI manual. I'm just trying to figure out what I would use this for, and if I should leave it enabled, or disable it. I have several different SG300 switches in L3 mode, and they are set up in a multi-vlan environment...
View 2 Replies
View Related
Aug 26, 2012
I have 2 SG300-10 switches, and I need two VLANs, one for internal network and one for WiFi APs.I need ports 1->4 on both switches to be part of 1st VLAN and ports 5->8 on 2nd VLAN; and port 10 uplink to 2nd switch.How I set up the VLANs and interface VLAN mode?
[code]...
View 1 Replies
View Related
Jul 10, 2012
i am trying to get a SG300 work as a router between VLAN's?So fare without any lock?Test setup one SG300 switch and 2 PC's ?Ping works from host to VLAN IP's, but not from host A to host B
Here is the host configuration
<TABLE style="BORDER-BOTTOM: #000000 1px solid; BORDER-LEFT: #000000 1px solid; WIDTH: 400px; BORDER-TOP: #000000 1px solid; BORDER-RIGHT: #000000 1px solid" class=jiveBorder border=1 cellSpacing=0 cellPadding=3 mcestyle="BORDER-BOTTOM: #000000 1px solid; BORDER-LEFT: #000000 1px solid; WIDTH: 400px; BORDER-TOP: #000000 1px solid; BORDER-RIGHT: #000000 1px solid">
[code]...
Here is the switch configuration
SG300 with FW 1.1.2.0 configuration i L3 mode
set system mode router
confip routing (needed on SG300??? - ti is on a 3560 i PacketTracer)
vlan databasevlan 5vlan 6vlan 7
[code]...
View 5 Replies
View Related
Jul 19, 2012
I have just purchased a SG300-28P switch I am using a GUI to do my config. I cant create VLANs just fine on this but I can not assign IP address to the VLANs.
I just want to have a Data and Voice VLAN on this I am planning on leaving data on VLAn 1 but I can't seem to find an option to assign an IP address to my voice vlan.
For some odd reason I cant access this switch using a console port.
View 2 Replies
View Related
Mar 25, 2013
How to setup 3 SG300-52 (in L2 mode) as per this diagram:Port 1 on all switches should be able to talk to each other and access the blob at the right.The ports 25 on the other hand should only be able to talk among themselves in their own private vlan. They are to carry sensitive traffic. So I created 3 vlans, vlan 78 for ports gi1, gi51 and vlan 10 for port25,49,50 and a dummy vlan: 666 with the intent of segratating vlan 10 from vlan 78. My attempts so far have failed. ports gi49-50 are configured as trunk ports and gi1,gi51 as access ports as the following cli output (excerpts of the startup config):
vlan database
vlan 10,78,666
exit
interface vlan 1
ip address 172.16.10.11 255.255.255.0
[code]....
Ports gi1 can talk to each other and access the blob but ports 25 refuse to talk to each other. But as soon as I remove the access links to the blob they can! Obviously, at that point port gi1 lose access.Is such a topology feasable or even advisable?
View 7 Replies
View Related
Jul 9, 2012
I supplied 3 numbers of SG300 series switches for the sole reason to have inter-vlan routing. I created 4 VLANs in the switches and made one switch as Layer 3 switch and other 2 as Layer 2 switch. Inter-Vlan routing is working fine. I am able to ping PCs from different VLANs. But I am not to access shared folders. Customer has installed Window 2003 server installed and it is in VLAN 1. There are some folders created in this server and it is very important for users to have access to the folders.Also, I am not able to access shared folders in other VLANs. I have created a case with Cisco small business and I got a reply saying that the switches will not support shared folder feature, which I think is not real. I am getting a very time to implement this solution in the network. I have a Sonicwall firewall after Core switch which is connected to ISP.
View 1 Replies
View Related
Apr 8, 2013
I used two sf-300 switch and create 4 vlans and intervlan routing is working fine.
Port 1 - 10 -------------> Vlan 1
Port 2 -20----------------> Vlan 2
Port 3 - 30------------------> Vlan 3
Port 4 - 40--------------------> Vlan 4
giga1 -----------------> connected to router (This router used for intervlan routing).
SF-300 Port 1 is connected to Internet Modem. This modem worked as dhcp server also for vlan 1, my problem is that when vlan 1 is not communicate to vlan2,3,4 and 2,3,4 are not communicating.
How i can communicate vlan 1 to 2,3,4 vlan.
how i can connect the modem in switch? Access port or Trunk port ( Presently available in vlan 1 Access port)Any route i need to make? sf-300 or modem or router?
View 1 Replies
View Related
Mar 25, 2012
I have a SG300 Switche working in layer 3 mode.I configured 3 VLANs on the switch, assigned all ports, given IP addresses to VLANs interfaces, etc.Now I want to implement ACL to permit or deny access between vlans and hosts.Can I apply an ACL to a whole VLAN (in or out) like Catalyst models?I mean apply the ACL to the entire vlan or the only way in this model is to implement that ACL port by port?Every time I have a new port configure to work in a Vlan I have to implement the ACL?
View 4 Replies
View Related
Mar 11, 2011
I've been looking at picking up a 16-24 port gigabit switch that supports trunking, vlans etc. for home use.
I've looked at the Cisco SG2/300's, HP 1810g-24 and the Dell 2816 and 2824 switches, and it seems like the Cisco's are the best buy (layer 3'ish features, same price as the HP) but there isn't much about them.
View 14 Replies
View Related
Aug 13, 2011
I just received a new Cisco SG300-10 and am configuring it in Layer 3 mode. I am trying to setup multiple routed VLANs going back to a FiOS Actiontec router. My configuration is as follows.
Fios Router: 192.168.1.1
Assigning DHCP 192.168.1.2 through 100.
SG300-10 has VLan 1 ip 192.168.1.5 used for Mgmt.
VLAN2 is 10.0.2.1
VLAN3 is 10.0.3.1.
I have a static route set on the fios router for both subnets setup as follows.
Destination 10.0.3.0 Gateway 192.168.1.5 Netmask 255.255.255.0 Metric 1
Destination 10.0.2.0 Gateway 192.168.1.5 Netmask 255.255.255.0 Metric 1
I have a laptop connected to Gi8 on the Cisco (Vlan 3) and statically assigned 10.0.3.3, with a gateway of 10.0.3.1. DNS set to the fios router (192.168.1.1).
Everything pretty much works EXCEPT, I cannot get out to the internet from either vlan. Traffic routes between vlans/and the default subnet on the fios without issue.
When I ping out, DNS resolves, but will not go past the fios router. Am I missing a setting somewhere?
View 3 Replies
View Related
Apr 16, 2012
I am trying to setup VLAN's in the company I work for and I am almost there but missing the part when the internet works.I have an SG300 as a L3 Router IP 192.168.0.93.I have created VLAN20 and VLAN40 Assigned VLAN20 192.168.2.1 and VLAN40 192.168.4.1
The static routes have been created and a default router going to the Sonicwall firewall at 192.168.0.1.Port 24 is configured as Untagged VLAN1, Untagged VLAN20 and VLAN40 in trunk mode and going to the Sonicwall NSA 2400. [code]
Working to move all 192.168.0.x network off of VLAN1 and move it a management switch.I have DHCP helper on pointing to the DHCP server.Both VLAN's once the DHCP server is configured to Gateway 192.168.0.93 can get an IP from the correct subnet either 192.168.2.x or 192.168.4.x
All PC's are getting a GW IP of 192.168.2.1 pr 192.168.4.1.All test PC's on both VLAN's can ping each other and any server with the correct GW.When I try to ping google.com or open a web page and try google.com it times out.
View 3 Replies
View Related
May 9, 2011
I have a question, does the SG300-28 support VTP and STP?. I want to add it to my network's VTP domain so I don't have to manage vlans manually on the SG300-28 and also be able to configure STP to keep my network loop free.
View 2 Replies
View Related
Jun 18, 2012
I was assigned a task to configure an SG300-28P to have 3 different vlans.Now on VLAN1 their will be only one device configured with static IP 192.168.0.230,On the other 2 VLANS there will be a separate router connected on each one of them and will also act as a DHCP server.
View 4 Replies
View Related
Mar 18, 2013
I have spent several days tearing my hair out trying to properly configure our small business switch (SG300-10p) for voice. The phones are a relatively new addition and will replace old POTS phones.Our network consists of a 1941 ISR router, the SG300-10P switch, a mac server (handing DHCP, DNS, AFP), 4 client desktops and 4 SGA525G2 IP phones. The router, server, desktops and phones all have their own connection to the switch and the second data ports on the back of the IP phones are not used. We do not have any unified comms devices for voice. Our VOIP solution is hosted by a local SIP provider, and each phone independently registers with the provider's SIP proxy over the internet.
Left almost to it’s own devices (or presumably flat, default settings on VLAN 1), this whole setup works just great. We can TFTP files, make and receive calls, and do all the usual XML stuff. Calls are crystal clear. Even the localisation and directory works. However, I’ve been told several times that to ensure good quality on VOIP calls during periods of busy traffic, I should set up some form of QoS. A Voice VLAN on the switch, I was told, is the best way to do this as it automagically gives priority to the whole voice VLAN over the normal data VLAN.
I have followed instructions in numerous manuals, articles and guides, and have managed to create the Voice VLAN, both manually and automatically (I can watch Smartport detect the phones and see the Auto Voice VLAN add the ports to the VLAN as I connect them). The trouble is, as soon as this happens, the phones lose connectivity with the rest of the network, including the DNS server and the router, and therefore the internet, causing them to lose registration with the SIP service.
I tried adding the server and router ports to the Voice VLAN and tweaking every possible combination of tagged, untagged, excluded, trunk, access, general and PVID settings I can think of (by the way, I have no idea what any of those mean). The switch is in Layer 2 mode, but adding the port connected to the router to all the VLANs does not result in internet connectivity to the phones. I have told the phones to tag frames with the VLAN ID and told them not to. I have tried upgrading firmware and I have rebooted the switch so many times I'm tired of those wretched little flashing lights.
Nothing seems to work. And so I am stuck with everything on VLAN 1. My most recent thought is that the 1941 needs to know about the Voice VLAN (I checked CDP and it knows about the switch), but I’m reluctant to start messing with the router config when this is our production network, at least without knowing what I'm doing. I don’t even know if QoS applies when a Voice VLAN is not set up and we're on VLAN 1, some articles say yes, others say no. And when it is set up right, how does that priority transfer to the router? I’ve looked in the router manual and config options and found something called 802.1Q, but I have no idea what it is, how it works or even if it applies to our situation. Can I forgo VLANs altogether and use QoS some other way, perhaps?I have googled enough to cobble together our setup in IOS up until now. Ideally, I would still like to be able to ssh or https into each device (as I do now) for management, and I’ve read about setting up a another VLAN for config, monitoring etc, but I guess that would mean routing between VLANs in Layer 3.
View 2 Replies
View Related
Sep 10, 2011
I am having an issue with LAG configuration on a Cisco SG300 52 switch. I have connected four Ge ports on the switch to the four NICs of a Dell R710 Server on which I installed Windows Server 2008 R2. Without LAG configured, these ports would forward traffic to and from the Dell server fine.However, if I configure LAG on the ports with LACP enabled, then they would not forward any network traffic. Debugging shows that the ports are up but their forwarding status show N/A. Am I missing any configuration? Can I configure LAG on edgeports?
View 2 Replies
View Related
Oct 12, 2011
Mgmt Vlan 1 (default) Data VLan 10 (with access to internet) Is there a way to have a PC attached to a SG300 switch such that it can both access Vlan 10 for data and Vlan 1 for managment ? The PC's port clearly needs to be untagged PVID on vlan 10. I have tried adding vlan 1T and setting the port as a trunk port but to no avail, The switch is currently level 2. I am guessing this might not be possible in level 2 without setting the mgmt vlan to 10 ?.
View 3 Replies
View Related
Feb 3, 2013
i have a SG300-52 Switch, route mode is enabled, and it is using the latest IOS.I have created 4 Vlans in this switch, till this point its OK, but once i try to give ip addres to the created Vlan either from the GUI or CLI the switch is not responding. i have to go and manually reset the switch using a pin.
View 8 Replies
View Related
Mar 4, 2012
i was trying to set up a new SG300-52 L3 switch for switching and Vlan. The problem is that the vlans on this switch cannot get their DNS resolved. Probably a stupid thing i can't get to see, but i think it is a simple solution given switchin is not my expertise.So my setup:
- ISP Wan router: LAN ip 10.0.0.1, DMZ: 10.0.0.2 -> i have to use this router for ISP support. But it suckes, that's why we use own router for firewall, port forwarding etc.
- Nice Router: WAN: 10.0.0.2, LAN: 192.168.1.1
- SG300 L3 switch
This works. I can ping switch, nice router, ISP router and google's ip from VLAN 5.But i cannot ping google using host name. From within SG300 i can. So it has something to do with SG300 not doing DNS right.My Client on VLAN 5 has ip 10.1.1.5 / 24, default gateway and dns pointing to switch: 10.1.1.1.I have put an entry in DNS servers in SG300: 192.168.1.1 active (pointing to Nice router). On client leave default gateway pointing to switch. But put DNS server : 192.168.1.1
View 11 Replies
View Related
Oct 10, 2011
I have a recently purchased 28 port SG300 switch. Everything is working well. Unfortunately there is so much traffic flying around that a 10MB half duplex device is struggling to function as it is overloaded. Removing some of the sources of traffic fixes it.
Fortunately I only need to access that device from one PC on the network. That PC however needs to access everything else on the network.
Is there a simple way to shield the slow device from everything except traffic from the PC ?
The switch is in Level2 mode at the moment. Everything is on a single sub net.
View 2 Replies
View Related
Sep 1, 2011
We have 2 separate networks here, 1 for data (192.168.0.x) and 1 for VOIP phones (192.168.3.x).
I need them to both be connected to different ports on a switch (Cisco SG 300 10 port managed switch) which is then linked to another switch (Cisco Catalyst 2960 48 port switch). Then on this 2960 switch I want the link to be split back into the 2 separate networks. I think that I need to create 2 separate VLANs and assign them to different ports.
View 2 Replies
View Related
Jan 18, 2013
My problem is that the switch all of the sudden doesn't boot up anymore. The System LED constantly flashes, after probably 40-50 seconds or so it constantly lights for a second, afterwards all the lights on the ethernet ports light up for a second and the process starts all over again! The console messages:
Device configuration:Slot 1 - SG300-10PDevice 0: GT_98DX3033B (AlleyCat2)
-------------------------------------- Unit Standalone --------------------------------------
Tapi Version: v1.9.5Core Version: v1.9.519-Jul-2012 17:55:03 %INIT-I-InitCompleted:
[Code].....
View 3 Replies
View Related
Sep 11, 2012
I discovered on a pair of SG300-28P.
On a second switch (ver 1.2.7.76) when I unplugged the power cord, to my amazement the switch turned right back on (about 1 second later), with the power cord removed. To verify that the power is indeed coming from POE, the upstream switch (ver 1.1.2.0) that is the same model (sg-300-28p), shows all 7 Ethernet ports connecting the two drawing from 2700mW, to 3000mW.
While the second switch is powered from the first over POE, the POE does not work on the second switch to power anything, and the system summary mentions something about "PoE Power Information on Master Unit".
Is this a stacking operation, and is POE on the second switch NOT supposed to work when powered over Ethernet from an upstream switch?
View 2 Replies
View Related
Apr 28, 2013
I have inherited a custome with a bunch of SG300's in their LAN room and one out in the warehouse.I need to setup a VLAN and the genius before me did not label which LAN room switch the warehouse unit plugs into. Is there a tool/method I can use to find which switch, and port this warehouse switch is connected to?
View 2 Replies
View Related
Dec 5, 2012
I am having some issues with getting DHCP Relay to fuction properly over our SG300-20 Switch.Out current layout is as follows. Hanging off the SG300-20 are a pair of Clustered Checkpoint Gateways with VLAN'ed interfaces in Both of our 2 VLANs, a 3COM 4200G In VLAN1 which has the DHCP server (And all the other Servers) connected to it, and a Pair of HP Procurve 2520's Stacked in VLAN 2 to provide PoE for our Phones/connectivity for our PCs.The problem is I cannot get the DHCP Relay to fuction from VLAN 1 to VLAN 2. If I assign an address in VLAN 2 manually to a device connected to the Procurves, everything works fine. I am able to reach both VLAN 1 and VLAN 2, but DHCP aquisition fails even if the device is connected directly to a port assigned to VLAN 2 on the SG300. The SG300 is running at Layer 3 currently also.
Here is a copy of the running config:
--------------------------------------------------------------------------------------------------------------
switch4db24f#show running-config
vlan database
vlan 2
exit
interface range gi8,gi16
switchport default-vlan tagged
[code]....
View 6 Replies
View Related
Aug 30, 2011
Our customer use catalyst switch that spanning tree be PVST+ mode.I take SG300 connect with this catalyst switch.Does it support ?If it support,how to config on SG 300 ?
View 1 Replies
View Related
Mar 9, 2012
I have two switch SG300-10 that need to be interconnect togheter with a simple redundant "cable fail safe" configuration.My idea is use the two uplink copper port of the first switch, connected to the two uplink copper port of the second switch.
How to create a working setup configuration? The first setup that i need, is with only one VLAN1 for all ports,
The second setup is with the VLAN1 assigned to the ports 1-2-3-4 of all the two switch, (linked togheter by uplink ports)
and the VLAN2 assigned to the ports 5-6-7-8 always linked togheter with the same uplink ports.
Is possible use the two uplink port at the same time, as cable fail safe? or use a uplink port 1 for the first group and the second uplink port for second group?
I need to use this configuration for audio cobranet transport, and i need to test the correct configuration for the primary and secondary audio stream, if can work togheter on the same VLAN or i need to separate the two stream, from start to the end.
View 1 Replies
View Related
Apr 1, 2012
I have my network with severals SG300 switches.I have one of them like my core switch working in layer 3 mode. With 2 vlans and vlan interfaces to each vlan.Everything is working ok.But now i have to connect one 3com unmanage switch that have host from vlan 1 and 2. How should i connect this switch to my Cisco sg300 switch?
[code]...
View 2 Replies
View Related
Jun 21, 2012
Created 2 separate VLANs on SGE2010P switch. Neither in Native VLAN 1.
For example;
-Port g01 in VLAN 56
-Port g25 in VLAN 56
-Port g10 in VLAN 10
-Port g37 in VLAN 10
All appears to work well within the respective VLAN (i.e. DHCP, ARP, etc. no IPs from other VLANs)STP - Spanning Tree is Globally disabled.
However; when I feed a n new network (which has STP enabled) into VLAN 10; I then plug a laptop with wireshark running into VLAN 56 - cannot see any other traffic/packet...except STP packets coming from a CISCO device on VLAN 10 while I am plugged into VLAN 56.
This demonstrates to me the network is not truely seperated. I know this because last night I crossed two networks and caused havoc; ouch.I configed a D-Link switch with the same scenario and no issue.
View 5 Replies
View Related
