Cisco Switches :: SG200-26 VLAN To SPA303 Not Working?
Apr 16, 2013
We recently purchsed a SG200-26 and have several SPA303 with the 2 ports. The other component is a Sonicwall NSA3500.The SG200-26 is on an interface of the Sonicwall that interface has a primary of 172.20.3.x and the sub interface is 172.20.5.x. I labed the VLAN as 5?I went to the "Create VLAN" in the SG200-26 and also created VLAN 5 and under Voice VLAN the ID is 5.Then I went to the SmartPort and assigned GE24 as IP Phone + Desktop. That was OK. But when I go to the SPA303 and Enable VLAN and VLAN ID 5 I get Initializing Network. I am able to ping the 172.20.5.1 which is the gateway for the VLAN but still pull no IP. I also have an DHCP range assinged the subinterface.I also am using Cisco Configuration Assistant. I can see the switch SG200-26 and my IP set but it shows no IP. So I know that the CDP from the phone to the switch is working.
i have a question about the proper method to setup up vlan(s) on a sg200 switch with a sv220w router. Should i setup the vlan on the router or the switch? I have small office setup, i need atleast 2 vlans to separate the networks. i want both to have internet access but be completely isolated from each other.
I start writing this post telling you that I'm not a qualified network admin, so I beg your pardon if I do not use appropriate terms in my question. Also my english in not so good since I'm Italian and my english in almost scholastic.
This is the "story" :
I bought two switches as described above and actually I have to create 2 VLANS as described below :
VLAN id 2 name "Service_A" ports 1-4 VLAN id 3 name "Service_B" ports 7-9
all other ports can stay in default VLAN1.
my network infrastructure have some other very simple swtiches connected and 1 soho router (static ip 192.168.1.1) with dhcp active and ip pool address released from 192.168.1.100 to 200.
the SG200-26 have static ip 192.168.1.254 and 192.168.1.253
I need VLAN for privacy matter so all computer connected to ports in VLAN2 cannot see nor enumerate PCs and resources on other VLANs, but I also absolutely NEED that all computer in every ports (and every VLAN even default VLAN1) can access the internet.
My organization wishes to host a LAN gaming event. The setup I have in mind involves a 24-port switch for connecting all the player computers and having that switch connected to a smaller "core" switch which has the the game server and router connected to it. I'd like to know if I can set things up as follows...
SG200-26 with ports 1-24 on seperate VLANs so they cannot talk to eachother. I'd then like ports 25 and 26 to be an aggregated (for bandwidth and redundancy) trunk port to carry all 24 VLANs plus an additional management VLAN (ex. VLAN 100) that will be used for accessing the switch. I'd like those aggregated trunk ports to connect to an SG300-10 "core" switch which will be connected to the game server and to a router for internet access.
I'd like the ability to have two network connections from the game server to the switch, one on the management VLAN and one on a different VLAN (ex. VLAN 50) that will be accessed by the players (ports 1-24 on the SG200-26). The core switch needs the ability to perform restricted inter-VLAN routing, in that it doesn't allow VLANs 1-24 to talk to eachother but they can talk to the server's VLAN but only through specific service ports (ex. port 12345, 12346). Is this possible?
Furthermore how would I configure the SG300-10 to allow VLANs 1-24 to talk to VLAN 50, but not themselves or VLAN 100. As well, I'll probably have the router on it's own VLAN (ex. VLAN 60) and allow VLANs 1-24 to access it but only through HTTP port 80 for web access.
We have two Web Servers and configured as Network Load Balancing in a cluster for failover.
WEB1 IP: 192.168.1.50 WEB2 IP: 192.168.1.51 Both configured with Cluster IP: 192.168.1.100 on Multicast mode.
TEST ON LAB USING ORDINARY 10/100 UNMANAGED SWITCH I can ping all the IP addresses on the LAN and when I http://192.168.1.110 on any PC on the LAN works no problem.
TEST ON PRODUCTION USING CISCO SG200 50/50 PORT SWITCH I can ping all the IP addresse on the LAN and when I http://192.168.1.110 on a different machine i did not work, but on the server itself will work as expected.
NOTE: Both tests are on LAN only.
I wonder if this is something to do with the switch because of Cluster IP MAC address. Do I need to configure something on the switch?
I am new to VLANs although I generally understand the concept. I have a small office with 25 desktop/laptops and 15 VoIP phones connected with a SG200-50 switch and on Port 1 I have the Cisco SRP541W router for DHCP and Internet access. My goal is simple: 1) Segregate the VoIP phones (voice) from the computers (data) and 2) Prioritize the VoIP phones traffic.
I believe this can be accomplished by setting up a second VLAN and maybe a third (if the default should not be used) and then identifying those ports as Voice VLAN ports. I guess I just need to know how to flag each interface and each port so that they all can talk to the router on Port 1 yet the voice and data will be in different broadcast domains. Also, do I need a management VLAN??
Is this setup correct? VLAN 1 - default (data) Port 1 (Trunk) (Tagged)Port 2 - 30 (Access) (Untagged)VLAN 2 - voice Port 1 (Trunk) (Tagged)Port 31 - 48 (Access) (Untagged) What should the interface settings be on each port (General, Access or Trunk)? What should the port VLAN membership be on each port (Tagged or Untagged)??
Is this known bug that you cannot backup (export) full running or startup config from this switch? Will this be fixed in next firmware? (btw, still no new firmware with CDP support for this script altough sales literature mentions that it should have already been available...)Switch does let you backup configuration as text file (which looks similar to normal IOS config syntax), but it doesn't contain all settings so the file is pretty much useless to restoring the config to another switch.At least following settings are missing from the file:
- management interface config (including DNS settings) - passwords - remote syslog server config - SNTP server config - IGMP config - LLDP config
SG200-08 and SG200-08P fail to hold or update Date/Time.(New installation for a UC320 setup.)I've got both an SG200-08 and SG200-08P that are failing to maintain date/time when set with "Use Local Settings". Every restart/powercycle causes them to reset to Dec 31 1969. Other settings save fine.I first tried to set time via SNTP Unicast using a variety of public time server addresses including the 3 hard coded to the SG200-08 firmware:
Sadly though it always just shows "Active Server Server Host Address: 0.0.0.0" and continues having 12/31/1969 as the date. Both after a config save and a reboot.I can ping the NTP servers just fine from the switches either by IP or by hostname.At this point I've decided that I must be missing something simple. At least I hope so... otherwise it's a firmware bug which means waiting for a fix.Other devices behind the same firewall/gateway (RVS4000) are updating NTP
On the SG200-side I've set the IP-address and default-gateway accordingly, however:From the SG200 I can't ping any other host on the same IP-subnet as the switchFrom the SG200 can't ping the default-gatewaycan't ping from any other host or the default-gateway *to* the switch But:On the SG200 I've got plenty of MAC-addresses under "Dynamic Address Table" - however only MAC-addresses that belong to the management-VLAN of the SG200 (i.e. VLAN9 in my case)The MAC-address table on the SG200 even includes the MAC-addresses of hosts on the same VLAN I tried to ping without success. For example: I tried a PING from a host having a MAC-address of 00:19:bb:31:91:30. This MAC shows up in the arp table of the SG200. To cross check I connected a dedicated PC to the SG200 and assign it an IP-address out of the management-LAN-range of the SG200 - in this case I can access the switch (i.e. PING, WEB etc.)So to summarize: Connectivity is OK when going from directly connected devices to the SG200. No connectivity from devices that are behind the C2960S towards the SG200 and vice versa. (The problem is definitely not with the C2960S-side since we've got plenty of them hooked together without problems.) I'm enclosing the screenshots of the corresponding definitions on the SG200.
At our office we use seven Cisco 300 Series Small Business Switches. One main switch in the server room and one in each room. They work great! But I’m having difficulties getting the Auto Voice VLAN to work correctly. In fact, it seems to works straight away on a PoE model, but not on the non-PoE models.
All these switches use firmware v126.96.36.199. The switches in each room are connected to the central switch by Link Aggregation. The main switch is configured in Layer 3 mode and all the others in Layer 2 mode. We have a lot of VLAN’s configured. For this problem allow me to describe only the two that are relevant.
VLAN 102 - Internal Network (Clients)VLAN 104 - Internal Network (Voice) The switches on each room are mainly used for clients, printers and IP phones. The clients and printers should operate in VLAN 102. The IP phones should operate in VLAN 104. For this to work I have the 10 port switches configured as following.
GE1 – Trunk – 102U;104TGE2 – Trunk – 102U;104TGE3 – Trunk – 102U;104TGE4 – Trunk – 102U;104TGE5 – Trunk – 102U;104TGE6 – Trunk – 102U;104TGE7 – Trunk – 102U;104TGE8 – Trunk – 102U;104TGE9 – Trunk – 1P (LAG 1, with 1U;102T;104T)GE10 – Trunk – 1P (LAG 1, with 1U;102T;104T) The network is fully routable. A DHCP Server is available. Each VLAN uses DHCP relaying. If we statically assign a VLAN to a port, that just works fine. Auto Voice VLAN is enabled with VLAN ID 104. All switches are configured the same. But this is what occurs…
When I connect an IP phone on the SG300-10P the IP phones are assigned to the Voice VLAN ID 104. If I would connect a desktop to that same port it is assigned to VLAN ID 102. Exactly as it should.But when I connect an IP phone on a SG300-10 the IP it is assigned to VLAN ID 102. But I also noticed that in some cases they are assigned to VLAN ID 1 and don’t get an IP Address. That depends in which order I change settings. The port its VLAN membership is then even changed to 1P. Although the port is recognized as an “IP Phone” by the smartport feature. I have noticed it does make difference if I modify the smartport macro and change the native_vlan paramater from "1" to "let's" say "102". That seems to affect it. Of course it may be just coincidence. What am I doing wrong? How should it work?How should you actually configure each port on a switch? (trunk?, Tagged/Untagged VLAN?)If you do not use Telephony OUI. Do you still need to configure the macros on the smartport defenitions?
I have tried about everything. I have also tried Telephony OUI, but it doesn't make any difference. I just can't get it to work properly on the non-PoE switch.
We have two Cisco switches with one 3560 and one 3750 we have created a new Vlan 4 with IP 10.1.3.x 255.255.255.0 - no shut then assigne to gi 2/0/46 on the 3560 Vlan 4 ip address 10.1.3.x 255.255.255.0 no shut then assign to FA0/45. All interfaces are up up along with the Vlan up up, we can ping the local IP address bu not able to pint the other switch.
We have a project in which we are using 34 Cisco SG200-18's each with a MGBLX1 (LC Single Mode Fiber) SFP mini-GBIC.All the fiber's come back to one building where we must "bridge" all 34 fiber connections. What hardware should be used to accomplish this? A L2 switch? For example, a 12 port SFP Switch with Fiber SFP's accepting the first 12 fiber connections, then other switch with SFP for the next 12 and so on, until there is a overall capacity of 36 and having patch cables between the 3 switches?
what cisco or non cisco hardware would work with these SF200-18's to accomplish this?
We are replacing some netgear switches with the Cisco SG200. The situation is relatively straightforward. We have a series of VLAN's coming in on a trunk from a service provider for our Metro Ethernet locations. These trunks then get cross-connect to various location for connectivity. The problem we have is there are two VLAN's that need to go to the same switch which provides access to our public IP block.
I set up the two VLAN's on the SG200 with the trunk port VLAN tagging on the service provider port. Then I set up a separate port for untagging the traffic with the PVID of the respective VLANS's as follows: [code] The public switch has no VLAN's configured (it is an SG200 too). If I connect GE2 to the public switch everything works fine. When I connect GE3 to the public switch, things die. I thought this might be caused by STP although STP should not be detecting issues like this across separate VLAN's. Disabled STP, no change.The same configuration with the Netgear worked without an issue. FYI, the VLAN's cannot be changed...they are defined by the service provider in this particular case. otherwise we'd just make them the same..
I need to purchase a few Gigabit PoE switches for a small business and I am thinking that SG200 or SG300 switches are perfect for this purpose.
Layer 3 functionality in SG300 switches is not great - HSRP or any other next-hop redundancy protocol is not supported, dynamic routing protocols are not supported, policy-based routing is not supported, etc. I may get one SG300 switch for inter-VLAN routing so that I do not have to send traffic to a Layer 3 device for this purpose, especially because my Layer 3 device (ASA5505) has only 10/100 Mbps interfaces. All other switches in the network don't have to be Layer 3 switches, and I am thinking of perhaps getting SG200 instead of SG300 swithces. However, because I am a long-time Cisco engineer, and know ins and outs of the IOS CLI, I would much rather administer the switches with CLI rather than GUI. So, do SG200 switches provide CLI (even if it is not officially supported) or is the only Small Business switch platform that supports CLI SG300? I do realize that the OS running on these switches is not IOS, but after having reviewed the CLI manual for SG300, I would say that 90+% of commands are identical to IOS CLI commands.
I just picked up a pair of 18-port SG200s, and I'm trying to figure out of there's some secret trick to getting CLI access to them? I've upgraded to the latest version of firmware (188.8.131.52) hoping that may work, but no luck.I can tell the guts to support a CLI are there, because writing the config out to a TFTP server shows identical an identical config style to the SG500 I have here.Is there some way to enable it?
I am trying to set up three vlans across two switches. The switches are Cisco SG200 and SG 300 series. There are 20 devices connected to the two switches including a router for Internet. Among these devices are five wireless access points all hardwired to the LAN. If I understand correctly the first thing I have to do is aggregate the two switches. I ran two cat5 cables to ports 1 and 2 of each switch. As I understand it all I need to do is to create SAG with the two ports on each switch. I think I need to use tagging but I don't really understand how to do this. Once I get the trunking set up correctly I want to create one vlan to which all devices will belong for Internet access. The other two would be for data and VoIP. Do I create vlans with the same name on both switches? When I assign the devices (by port) do I need to enable tagging? Which type of port setting should I use? I am assuming that by including the acess points in the vlans will mean that any wireless device connected to them will have acess to the Internet and the devices in the same vlan.
As per the title, I just require 3 to 4 VLANS with inter-VLAN communication enabled.
In the past I have used this router with each port of the internal switch set to a different VLAN, with each in turn hooked up to an unmanaged switch. This has work fine for me but I want to dip my toe in the world of .1q VLANS and gain some added flexibility and neatness.
I have an SRP547W hooked up as the office router with the standard office phones connected via the telephone ports at the back of the unit using 2 SIP lines as well as the PSTN by dialling hash first. We have just added a new staff member and bought an SPA303 with the intention of connecting it through registered SIP lines on the SRP547W, and hopefully have the facility to use the PSTN line when the SIP lines are busy.
The problem is, it connects to VLAN100 and gets its IP address and initializes fine however no lines show as configured and it can't make or receive calls. What do I need to configure on the SPA303 to tell it to use the SRP547W as its SIP Server/Proxy (not sure of the terminology).
I was given a task of creating a vlan and isolating one pc to access an internal website (192.168.90.15) on a specific port (port 8080)The pc is connected in the following manner:
PC--> HP Switch --> Cisco Small Business SG200 switch --> 3550 Catalyst 1, 3550 Catalyst 2 and 3550 Catalyst 3.
I have created a vlan 110 on the Main 3550 Catalyst switch and successfully added the pc to that vlan.However, that PC must be able to access the internet and an internal website on port 8080.I have placed an access-list on the main 3550 catalyst switch which is connected to our router as below:
Client ip address: 192.168.100.2 VLAN 110: 192.168.100.3
access-list 110 permit tcp host 192.168.100.2 host 192.168.90.15 eq 8080access-list 110 permit icmp host 192.168.100.2 anyaccess-list 110 deny ip 192.168.100.0 0.0.0.255 ? I was unable to access the webserver even after many attempts.
The Access points are capable of doing V LAN tagging so I plan on having them tag a guest network as V LAN 101. That can get sent to the V LAN aware router and out. No problem. I have some devices, or management pages that I don't want accessible from the general network. (Intel V pro KVM, Remote Management Cards, AP Config Menus, Switch config menu...) . I need to be able to take a V LAN unaware device, plug it into port 1, and have it communicate with V LAN 98, 99 and 100.
I am trying to connect an SG200 to a customer's existing network. The customer does not want to receive any bpdu frames from the SG200. The customer's port has bpdu guard configured to err-disable their port upon receipt of a bpdu.
How do I completely disable spanning tree on the SG200 so that it does not send any bpdus?
My SG20-50P Switch Log appears as follows with Random ports going up and down. I am trying to find out if this links to another problem I'm having with a Client Server software locking up on the client end. The hardware, thin clients and desktops, are working and have checked all sleep and power settings. All items in working order, now I'm wondering about the switch
I saw the announcement stating that "200 and 300 Switches now supports Cisco Pre-standard POE" available here:[URL]However, I cannot find the 184.108.40.206 firmware for the SG200-08P in the download center (latest is 220.127.116.11).Does this mean this doesn't apply to the SG200-08P?If it doesn't apply, any other switches with 16 or less all gigabit ports which support legacy PoE?
I just purchased a SG200-50P switch to replace a WS-CE500-24LC, that had a limited amount (4) of PoE ports. I was running Cisco 7940 IP Phone, Cisco AP1231 and AP1100 series access points via PoE off of this switch.
When I attempt to plug in these device types into the SG200-50P they do not power up. What is going on? Why do these devices (7940 IP Phone, 7960 IP Phone, AP1100 series access point, AP1231 series access point) not get PoE from the SG200-50P switch?
I have an SG200 switch and am trying to import a certificate signed by my own CA. I generate the CSR and sign it using Java's key tool with my own root cert. When I attempt to import the resulting cert, the switch blanks out the certificate text box and deletes all of my d name data (CN, etc) from the switch. What am I missing?
When I came back home today I saw that my SG200-08 switch did not look fine.Basically, the system LED of the switch keeps blinking and end devices connected just don't have any network.I tried to reset the switch with the "reset" button (with a paper clip) the system LED was orange during just a second and then continue to blink.What is wrong with the switch?Is there a way to flash a new firmware and/or to delete the configuration file?
I am thinking of buying a SG200-26P switch and have a few questions:Is it possible to disable the PoE function on the 12 PoE ports?I need al the ports but only 6 with PoE.What happens when you connect a non PoE device to a PoE port?