Cisco Switching/Routing :: BCMSN 642-812 End-to-End VLANs Vs Local
Feb 10, 2008
I am working on getting my CCNP. The first exam I plan to take is the switching test BCMSN 642-812. Using the 4th Edition Self-Study Guide from Froom, Subraniaman, and Frahim.In Ch-4 it talks about End-to-End VLANs and Local VLANs. I read that section 4 or 5 times and still did not understand the difference between them two.I know one spans across the entire network and the other is local. What do they exactly mean by that?
View 15 Replies
ADVERTISEMENT
Jul 4, 2012
upgrading our small office network. We currently have about 75 employees with probably 125 devices on the network. I'd like to create about 10 vlans for the different departments and then configure intervlan routing as needed. Currently we have all unmanaged switches and it's just a huge broadcast storm on the network. We are upgrading our Cisco 800 router to an ASA5505 sec. Plus license. I need some recommendations on switches. Of course, this needs to be done as cheap as possible.... Is there a way to use the ASA to configure all the vlans and intervlan routing and access lists and use a cheaper switch to provide the access layer to hosts?
View 4 Replies
View Related
Jan 23, 2013
I have the following config using a Cisco 1921. I am trying to get devices on the the native VLAN to get internet access via the gateway x.x.x.73.Any thing being routed from the other Vlans 15/20/30 can get access, but nothing from an internal IP address. Is there something I am missing.
The Xs replace the same 3 octets for each interface.I am trying to route from VLANs 15/20/30 to see VLAN 5. I have tried a few things, in terms of adding extra ip routes, but can't get anything to work. Each of those Vlans have another router on the other side of them, which I have also tried adding ip routes too, but nothing. One of the routers (Vlan15 is a Draytek 2830). [code]
View 5 Replies
View Related
Mar 27, 2012
I have purchased these two switches from ebay as a test lab, I plan to connect them up via a gigastack modulecable and enable ip routing on the c3550 and vlans to talk to each other.
I'm very much a procurve person and really need to get into the cisco switching.I will want to trunklacp between the switches - whats the process is setting that up on cisco switches?
View 1 Replies
View Related
Feb 19, 2012
I have a 3560E with 2 vlans that I want to route between. one device with 2 vlans and route between.Interfaces are configured as such:
int g0/11
switchport mode access
switchport access vlan 10
int g0/12
switchport mode access
switchport access vlan 11
[code]...
Laptops on each port with 10.10.10.2 and 10.10.11.2 configured on them. I can ping from 10.10.10.2 to 10.10.11.1, but not to 10.10.11.2.What do I have to configure to be able to get the 2 laptops to talk to each other?
View 9 Replies
View Related
Jan 24, 2013
I am setting up a vm environment for a customer in my lab off site. I have two stacked 3750-x switches, a san, and threes UCS c220 M3S servers for hosts. I am trying to separate the lan traffic, san iscsi traffic, and san management traffic using vlans. The problem is i'm unable to communicate cross vlan with my current config, which I have attached to this post. The only noteworthy things in my conifg is that the ip route 0.0.0.0 0.0.0.0 192.168.83.6 is referring to a switch stack they have on site, that I will connect this stack to using the first two trunk ports on each switch, that I do not have here in the lab. I don't want to cause any confusion in why I have things set a certain way.
View 1 Replies
View Related
Jul 24, 2012
The situation include 2 cisco routers an 2 switch 3550
so we have Router A in Vlan x access ----->Sw1----Trunk----Sw2<------Vlan y Access Router B I 've to enable rip1 on guys A and B ONLY !!! Avoiding any kind of tunnel I though it was all around fallBAck bridging ... but after days of tries ...
View 3 Replies
View Related
Jul 24, 2012
I have tried to test copy tftp: numerous time with no success. I believe the reason it is failing is my laptop to Ethernet port is in vlan 62 and the tftp process operates in a different IP space.I am using gig 7/1 and configuring my laptop nic for x.x.x.254 mask 255.255.255.0. I can ping from laptop to gateway) and I can ping from the switch to my laptop using ping vrf production x.x.x.254. Can you tell me what vlan I need to set my laptop connection in or if there is something else I need to change to make tftp work on vlan62?Does TFTP only work in vlan1 or can it be changed?
View 2 Replies
View Related
Oct 23, 2012
I recently set up a Cisco 881 to cover a small business network. The router is currently set up and working as expected. We recently decided to move to VoIP phones and here is where I'm running into some issues.
First an overview: We run a network with a cable internet WAN connection, this connection is DHCP, however we have a static IP through our ISP. We also have a block of 30 additional IP addresses for one to one mapping as we need them. The new VoIP system is being run over T1 lines throughout the township (we are a municipal organization) and the VoIP system is being run to about 5 buildings in the township.
This brings me to the topic of VLANs. As the phone engineer explained it to me, there is a network set up over the T1 that allows the VoIP equipment to talk to one another and operates all of the VoIP phones on one network. The equipment that is being installed at our building connects to the network over the T1 and "talks" to the other equipment on the network. The engineer wants to create a VLAN and run it on ports fa1 and fa2, with the fa2 port being connected to the actual "MPLS" (their term) that connects to the T1 and into the cloud, and the fa1 port connected to the internal phone switch.
TLDR; The problem is this: When we attempt to set up the VLAN on ports fa1 and fa2, we have no connectivity with the other units in the external VoIP cloud. Pinging while directly connected to the "MPLS" yields successful pings, while pinging from the router with the "MPLS" connected to fa2 yields failures. I'm going to post the running config below, I feel like what we're doing should be working. I asked around about subinterfacing, but others seemed to think this was not necessary.
ROUTER CONFIG
Building configuration...
Current configuration : 4909 bytes
!
! No configuration change since last restart
version 15.1
[Code].....
View 10 Replies
View Related
Dec 12, 2011
I have VLans 20 and 21 set by ISP for Voice and Data respectively.What will happen if I already have VLans 20 and 21 in my Local network?
View 4 Replies
View Related
Jun 18, 2012
I just want create vlans on switch sge2010p
Scenario:
vlan10
ip address 192.168.10.254/24
vlan20
ipaddress 192.168.20.254/24
vlan10 needs internet.
I have a static ip internet which is 200.33.22.11 gateway: 200.33.22.10 I have a router configured working as gateway, It has ip 192.168.2.1.
I have configured two vlans. But when I try to check if vlan has internet, it doesn't work.
View 2 Replies
View Related
Mar 18, 2013
I have the need to filter multicast between vlans as described below. PIM Sparse-Mode is being utilized for this multicast network and changing any Vlan to PIM Dense mode is not an option.
- Vlan 217 and Vlan 4 should not be communicating on mcast with any other vlan, including eachother (each vlan isolated).
-Vlan 64 and Vlan 80 are able to communicate witch each other on mcast but not with any other vlans (isolated vlan group).
-All other vlans can communicate mcast freely.
What I've created thus far is below. It does not appear to be the most elegant solution and would be difficult for the administrators to adjust as new requirements come along. Yes, I will be adding the appropriate link-local multicast addresses so as to not break routing and other dependent technologies.
ip access-list ext ANY_CONN
permit ip any any
ip access-list ext MCAST_INTRA_217
permit ip 224.0.0.0 15.255.255.255 133.106.197.32 255.255.224.0
permit ip 133.106.197.32 255.255.224.0 224.0.0.0 15.255.255.255
ip access-list ext MCAST_ISOLATE
[code]....
View 1 Replies
View Related
Mar 18, 2012
We have the need to create a large number of VLANs on one of our networks. We're talking about 60! These will all terminate on a pair of 6509-E switches (building core). We use MSTP as a standard on our network so I'm going to stick with that so that we can dramatically reduce the number of STP instances needed. However, regarding the SVIs (default gateways) is there any reason why creating 60 of these guys would be considerd a big no-no? Or would you expect the 6509s to deal with them like a boss?
View 4 Replies
View Related
Jun 12, 2012
I have 10 2950 switches on my network that support only 64 vlans on each one. I actualy have requrement to cleate around 100 vlans acros them, can I switch off vtp and create required vlans manualy? I will have more or less following set up:
router
|
2950 - vlan 1,2,3,4,5,6,7,8,9,10
[Code].....
View 12 Replies
View Related
Aug 27, 2012
I need to set up a VLAN. We just bought the SG500x switches and we need to create several VLANs.
So for example:
192.168.1.x --> Vlan 1
192.168.2.x --> Vlan 2
192.168.3.x --> Vlan 3
What I would like to know is how do I come about setting this up and do I have to do something with my DHCP server to allow this to happen?
View 2 Replies
View Related
Feb 18, 2012
Is is correct that vlan's exceeding 128 runs without spanning-tree.?
View 7 Replies
View Related
Mar 4, 2013
I'm unable to pass the required vlans networks to my firewall I have different vlans configured for each floor of the building, All these floors have Nortel switches which are connected to the core switch through fiber link.
I have a Cisco 4507R-E core switch. Config for the core switch below: what else has to be done in order to pass the vlans to my firewalls.
Current configuration : 18527 bytes
hostname HQ_Prim_Core_Swt
boot-start-marker
boot-end-marker
enable secret 5 $1$xj2Z$TmV9chRtQWCuXYMsCtBVW/
enable password 7 13521317135C0729
[code]....
View 5 Replies
View Related
Sep 5, 2012
Is this supported on a 3750X ?? A router has two VRFs and its lan interface is a trunk with 2 VLAN IDs, let say VLAN 10 and VLAN 20. The ip address subnet of these two vlans is the same (therefore , they are in different VRFs)
fa0/1
VLAN 10 = 10.15.4.9 (VRF A)
VLAN 20 = 10.15.4.10 (VRF B)
This router is connected on a 3750X switch. There is a firewall connected to this switch also, which is default gateway for several VLANs including VLAN 10 (10.15.4.1)
The goal is that VRF B ip can talk to 10.15.4.1 and VRF A can talk to 10.15.4.1 but VRF B can't talk to VRF A (10.15.4.9 <-> 10.15.4.10)
FW |--- TRUNK VLANs 1,2,3,4,10 ---------| SWITCH |----- TRUNK VLAN 10,20 -----| ROUTER (vlan 10 = VRF A, vlan 20 = VRF B)
I think this is not supported on the C3750, as my promiscuous port is located on a trunk.
View 1 Replies
View Related
Jan 24, 2012
I have a stacked Cisco Catalyst 3750 configuration that currently has one V LAN configured. VLAN 192 - 10.192.0.0/16
The Catalyst has an ip on this range of 10.192.0.1. I would like to configured a few more V LAN's to be able to run some more network ranges through this device. Would it be a case of just adding the V LAN's to the master and then configuring an IP for each V LAN within the inter-v lan routing section? Some V LAN's will require access to each other but not all.
View 8 Replies
View Related
Jan 17, 2012
see the attached diagram to explain the network. I'm trying to do a "port-to-port" layer 2 connection on an ASR that will bi-directionally bridge a physical interface to a sub-interface. I tried using " connect VLAN200 Gig0/1/0 Gig0/0/3.200 interworking ethernet " but I'm not getting traffic through the connection.
I don't think BDI will work because it requires a Layer 3 point. I have to make this Layer 2 switching.
View 5 Replies
View Related
Nov 2, 2011
3945 is running c3900e-universalk9-mz.SPA.151-4.M2
3560e is running c3560e-universalk9-mz.150-1.SE
I've got brand new 3945's with onboard 16-port 3560e switches. On the first power up I see that there are several new vlans added that appear to be default vlans..
vlan 2 name fst2
vlan 3 name fst3
vlan 4 name fst4
vlan 5 name fst5
vlan 6 name fst6
vlan 20 name VLAN0020
vlan 21 name VLAN0021
vlan 22 name VLAN0022
vlan 23 name VLAN0023
vlan 99 name VLAN0099
I deleted the vlan.dat and reloaded the switch but these vlans come back. What these vlans are intended for and is there a better way to get rid of them? What does "fst" stand for?
View 4 Replies
View Related
May 9, 2012
Switch: SG500 VLANS: 1 (default) xxx.xxx.0.0/24 network, 150 (device management vlan) xxx.xxx.150.0/24 network I am plugged into port 1. This is a trunk port with VLANs assigned as follows: VLAN 1 (Default) - UntaggedVLAN 150 (dev mgmt) - Tagged Device is plugged into port 2. This is an access port with the following VLAN assigned: VLAN 150 - Untagged Why is it I cannot communicate with the device on port 2?
View 1 Replies
View Related
Apr 9, 2012
Recently purchased 5 SGE2010P 48-port switches to replace older L2 switches. I have 4 switches in single stack and one as a standalone. Both the stack and standalone will connect to at least 1 Dell 2724 switch. Both the stack and the standalone Cisco are in Layer 3 mode.
I have created several VLans on the Cisco switches, and am trying to assign an IP address to the VLan, but cannot seem to figure out the web gui. Each time I try to use Systems > System Management > IP Addressing > IP Interface, then click Add, it simply changes the existing IP of the management interface. So, I'm not sure how to go about assigning an IP Address to an Vlan.
View 15 Replies
View Related
Oct 1, 2012
I have a pair of Core VSS 6509E SUP 2T. Two different LANs, two diff. Subnets. larger LAN has been connected to the VSS pair usng normal SVI and Post-Channles (has lots of closets 3750 stacks) and no problem. Second LAN, two closets, stacked and connected to each other via Port channel and trunk + SVI interfaces. Now, I have SVI interfaces for both LANs on teh VSS pair and that is causing traffic from one LAN to jump over to the other VLAN and rightly so because the VSS pair see both subnets as directly connected subnets. I was wondring if I delete the SVI for the second LAN and only keep the L2 VLAN this will be resolved> The reason for the second LAN to connect to the VSs pair is only that It has to go through the VSS pair to get to the WAN router (both LANs will go out through this Same WAN router) but WAN router is not my concern at this time. I need to isolate these two LANs/subnets traffic so no one VLAM traffic jumps over the other.I have also thought about VRF but at this point I am not sure if teh 3750 stacks supports VRF and if it does how to implement VRF on the second and samller LAN to just allow it go through the VSS pair in order to get to the WAn router.
View 13 Replies
View Related
Sep 13, 2012
I have a above said switch at my remote office (600KM) which is connected with L2 Point to Point leased line. Both the ends I have Cisco 3950 catalyst switches with Vlans configured at both the ends. Now, for obvious reasons I should remove the other end 3950 switch and replace with Cisco 2950 switch. The other end 3950 is having 4 Vlans configured on 4 ports. Now my requirement is, I should configure 3 Vlans (one for P2P, one for 10 Desktops and one for to bring traffic from other network).
View 1 Replies
View Related
Mar 16, 2013
i have one SF300-24p switch where i setup some Vlans and echolife hg8245 ONT router to access internet. the diagram is the following
VLAN1 (Subnet of users) -----> Switch SF300-24p
VLAN2 (Subnet of users) -----> Switch SF300-24p
VLAN3 (HG8245) -----> Switch SF300-24p
VLAN4 (Servers) -----> Switch SF300-24p
i want to control access to internet on VLAN1 and VLAN2 (access on VLAN3), while providing access to VLAN4.My problem is in connecting to internet, i can't find a way to "route back traffic to VLANs 1 and 2 since HG8245 don't seem to provide proper static routing ON LAN interface. Maybe without resorting to changing the HG8245 router ?
View 1 Replies
View Related
Feb 8, 2012
I have two switches, a 2960 (sw01) and a 2948 (sw02). The sw01 is trunking via dot1q on Gi0/24 to sw02 on 2/48. Why are VLANs 2-4 not active on sw02?
sw01#sh int Gi0/24 trunk
Port Mode Encapsulation Status Native vlan
Gi0/24 auto 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/24 1-4094
[code].....
View 5 Replies
View Related
May 20, 2013
PCs --> SG500(4 vlans) --> rv042 --> Internet..vlan 1 is able to reach the internet..vlan 2-4 cannot reach the internet, but can reach vlan 1.
View 2 Replies
View Related
Aug 28, 2012
We have a requirement for private VLANS for DMZ hosting within one of our datacentres. I just want to query how private VLANs would work in our environment.We have physical servers connected to fex ports (2 fex per rack for each 5k) of a 5548UP switch, virtual servers using the nexus 1000v (vmware hosts connected to fex ports) Out firewalls and load balancers are connected to an upstream pair of nexus 7ks using vPCs.My question is this, ordinarily the firewall would be in a promiscuous port but as these reside on a physically separate switch will the normal vPC trunk still be sufficient or would the "switchport mode private-vlan trunk promiscuous" be required on the vPC up to the northbound 7k.As these connections are already in production I do not want to affect the existing traffic that doesn’t use private VLANs.
View 3 Replies
View Related
Sep 14, 2012
I have set up a couple of vlans on a cisco 1721 router 4esw card using the vlan database and assigning an ip address of 192.168.1.x and 192.168.2.x for each vlan interface.Strangely enough connected computers can talk to the other vlan and I have not set any subinterfaces on the etherner0 (layer 3) and not even connected a cable.Is there any reason why this should happen since they should not talk to eachother being on seperate vlans.Doing a tracert shows that first the vlan ip address is hit and then straight to the target pc in the other vlan?
View 4 Replies
View Related
Oct 14, 2012
I am using a catalyst 2970 switch for 2 vlans. Corporate data and a separate VLAN for backups. What I want to do is create an LACP etherchannel to the switch and also trunk these ports so the server is part of both VLANS.Due to fact that some of these servers are on totally separated networks, they really shouldn't be able to talk to the backup server. Creating the VLAN for backups works to achieve this. I plan to create inbound ACLs on each port to allow only the ports and IPs for the backup network and allow everything we need for corporate data.I read somewhere that you can't have ACLs on an etherchannel and I just want to get it all straightened out. I notice I can't add an access group to the port-channel itself but I can on the port- channel member ports. Is this all I need to do or does this not work?
View 1 Replies
View Related
Sep 21, 2011
make a couple of SF300 switches to work properly with a C2960S-48TS-L that acts as core switch/basic router. I can't seem to figure out how to assign VLANs correctly in trunk and access mode on the SF300. The 2960S are a no brainer with IOS commands but the webgui in the SF300 is a pain.
I've configured the 2960S with 3 VLANs and I would like to have the SF300 switches connect to the C2960S-48TS-L through VLAN trunk and then configure the ports on the SF300 switches to belong to the assigned VLANs of my choosing. I would also like to have all the SF300 switches management interface in VLAN 50.
I've partially described the enviroment below.
VLANs
Data VLAN 10: 192.168.10.0
Management VLAN 50: 10.20.30.0
Voice VLAN 100: 10.10.10.0
[Code].....
View 5 Replies
View Related
Jun 12, 2012
We have cisco 3550 switch i have configured 3 vlans in this switch vlans are not able to accessing internet
View 7 Replies
View Related
