Cisco Switching/Routing :: Internet Access For 3550 Switch VLANs?
Feb 22, 2012
I have a small cisco switch cluster (seven different 2924, 3524cisco switches) with 3550 as a cluster control which does all the inter vlan routing that works fine.
This cluster is in semi production PBX interop testing lab. This is a closed network without internet access and not connected to our corporate network.However now I have to add this capability so some equipment in the lab can get Microsoft updates over the internet.
I've created a port on a 3550 (fa0/19) and connected it to another network that has internet access. It picked an ip address and when I'm logged in to the 3550 I can ping hosts on the outside network. However I can't ping any hosts on that network from any hosts that are connected to my vlans.I've tried a few different things, but still can't make it to work.
Here is a short version of my 3550 configuration:
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime
no service password-encryption
[code]....
View 13 Replies
ADVERTISEMENT
Jun 12, 2012
We have cisco 3550 switch i have configured 3 vlans in this switch vlans are not able to accessing internet
View 7 Replies
View Related
Apr 27, 2013
They have a locked Cisco Router which is from the ISP and its confed on a fa 0/0 interface to share Internet access on the network. The ip on that interface is 195.198.11.217 255.255.255.252 and i tried it with a PC (set my personal ip to .218 and entered their dns info (195.67.199.27) and it is working. The question is now. My friend found a 3550 laying around and since the ISP wont let them conf their router he wants to use the 3550 to create 2 vlans with internet access and without access to eachother. Vlan 10 for the desktops and Vlan 20 for the wireless (Moving on to some netgear wireless switches) How would you configure the 3550 for this to work?
View 23 Replies
View Related
Jul 24, 2012
The situation include 2 cisco routers an 2 switch 3550
so we have Router A in Vlan x access ----->Sw1----Trunk----Sw2<------Vlan y Access Router B I 've to enable rip1 on guys A and B ONLY !!! Avoiding any kind of tunnel I though it was all around fallBAck bridging ... but after days of tries ...
View 3 Replies
View Related
Nov 16, 2011
I have router connected to 2 3550 switches directly. 3550A and B switches are running HSRP. OSPF is running between Router and 2 switches.
From Switch B i can ping the Router Wan interface but not the internet sites. from Switch A i can ping any sites?
Switch B
3550SMIB# sh ip routeCodes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1
[Code]......
View 7 Replies
View Related
Oct 9, 2012
I have a test switch (Cisco 3550) that I want to set up with 6 Vlans and 2 trunk ports. I want to be able to access a virtual server conected to the trunk ports from the switch ports. Ports Fa0/1 to 8 are in a vlan port fa0/9 to 16 another vlan etc. Ports Fa0/47 and 48 are the trunk ports. This is a lab environment so the the switch is the only device being used.
View 4 Replies
View Related
Mar 5, 2013
I have problem with IPV6 connectivity, i have two Cisco 3550 switch and they are connected over a trunk link. The ios is c3550- ipservicesk9-mz. 122- 44.SE6 , I have configured vlans on both switches and i numbered one vlan to vlan 91 ,they can ping each other when i configure ipv4 on both vlans so trunk link is functional, but when i m using IPV6 they can't ping each other!! they can only ping their own ip address not each other. [code]
View 11 Replies
View Related
Feb 20, 2012
We have a network of 30 VLANS and currently all the vlans have access to everything. We are using Cisco 6509 switch for Layer3 routing.I would like to prevent some VLANs accessing the server VLANs. How can I restrict access to the server VLANs?Do i need to implement access-lists on the 6500 switch? or do i need to create VLANS on the firewall so that all traffic i filtered ?
View 9 Replies
View Related
Feb 24, 2012
I am testing on lab equipment (2 Catalyst 3550 and 1 Catalyst 3560) HSRP version 1 and 2.I successfully created a load balancing between the two Catalyst 3550 on a couple of vlans (11 and 12) on ver 1
now, just adding the command "standby xx version 2" my hosts on the 2 vlans are completely unable to ping the virtual IP def. gw on debugging i checked that msgs are exchangedthe two cat 3550 are seeing each other on HSRP (active / standby roles)the real ip addresses are pingable rebooted the swiches (just as a last resort try)deleted arp chache on hostsremoved the auth on hsrp all of this no effect.
i also tried to modify the priority on the cat 3560 (before he was on both vlans in standby) to make it the active one and with the same config it worked flawlessly.
My only idea is that there is a bug on CATs 3550 (IOS: c3550-ipservicesk9-mz.122-55.SE4.bin) [code]
View 11 Replies
View Related
Apr 7, 2012
My problem is that I have a Cisco 300 series small business switch with multiple VLANS each one with an IP address and two or three ports assigned to each VLAN. I have an E3200 wireless router that I want to use to use to share internet on the switch. All of the VLANs are reachable from the other VLANs and I've put a static route on the E3200 so that I can reach the VLANs from a machine connected only to the router. But I can't reach machines on the otherside of the router or get to the internet from the switch.
View 3 Replies
View Related
Mar 16, 2013
i have one SF300-24p switch where i setup some Vlans and echolife hg8245 ONT router to access internet. the diagram is the following
VLAN1 (Subnet of users) -----> Switch SF300-24p
VLAN2 (Subnet of users) -----> Switch SF300-24p
VLAN3 (HG8245) -----> Switch SF300-24p
VLAN4 (Servers) -----> Switch SF300-24p
i want to control access to internet on VLAN1 and VLAN2 (access on VLAN3), while providing access to VLAN4.My problem is in connecting to internet, i can't find a way to "route back traffic to VLANs 1 and 2 since HG8245 don't seem to provide proper static routing ON LAN interface. Maybe without resorting to changing the HG8245 router ?
View 1 Replies
View Related
Apr 16, 2012
I am trying to setup VLAN's in the company I work for and I am almost there but missing the part when the internet works.I have an SG300 as a L3 Router IP 192.168.0.93.I have created VLAN20 and VLAN40 Assigned VLAN20 192.168.2.1 and VLAN40 192.168.4.1
The static routes have been created and a default router going to the Sonicwall firewall at 192.168.0.1.Port 24 is configured as Untagged VLAN1, Untagged VLAN20 and VLAN40 in trunk mode and going to the Sonicwall NSA 2400. [code]
Working to move all 192.168.0.x network off of VLAN1 and move it a management switch.I have DHCP helper on pointing to the DHCP server.Both VLAN's once the DHCP server is configured to Gateway 192.168.0.93 can get an IP from the correct subnet either 192.168.2.x or 192.168.4.x
All PC's are getting a GW IP of 192.168.2.1 pr 192.168.4.1.All test PC's on both VLAN's can ping each other and any server with the correct GW.When I try to ping google.com or open a web page and try google.com it times out.
View 3 Replies
View Related
Dec 26, 2012
I am trying to setup my 3550 layer 3 switch to do hand out dhcp addresses for different vlans. It is connected to my router address 192.168.1.1. I setup a new vlan 3 and the dhcp pool.. The client gets a 192.168.3.2 address but am not able to ping the router and other clients and get out to the internet.
Here is the config that I have. I deleted the other ports because I am not using them. The vlan 3 client is on port fast Ethernet 0/17 and the router is connected to the fastethernet 0/1.
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
[code]....
View 12 Replies
View Related
Apr 5, 2013
i am trying to set up a cisco 2950 with a vlan to seperate all of the pos machines on the network (4 of them) from all other machnes in the building (3 hard wired and wi-fi). i was going to use vlan 1 as a trunk to allow internet access to go from fa0/1 to both vlans (vlan 10 and vlan 20). i have read things about the acl having an explicit deny at the end, so i'm thinking that is my problem. i am testing it at my house before deploying it to the network. i have 1 laptop setup with an ip of 192.168.0.50, and the other is .60. my router is 192.168.0.1. i have the ethernet from the router plugged into fa0/1, the 1st laptop on fa0/2 and the other at fa0/3. before i set the vlans up, i checked the communication by just plugging them in and trying to ping, they could both ping each other, the router and 8.8.8.8. when i finished setting up the test vlans, they could not ping each other(what i wanted) and laptop 1 can ping the router, and 8.8.8.8. laptop 2 cannot ping anything.
the only thing i did was create vlan 10 and 20, set port fa0/2 to vlan 10 and no sh, fa03 to vlan 20 and no sh, fa0/1 to vlan 1 and no sh. then i did switchport mode trunk on fa0/1, and switchport native vlan 1. this seems to be how i was supposed to do it, but it's been a while since i have worked with switches. i'm sure it's simple, but after searching the internet and poring over my cisco books for 5 hours, it is turning out not to be the case. here are some details:
greenhouse#sh int fa0/1 switchport
Name: Fa0/1
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
[code]...
View 10 Replies
View Related
Feb 23, 2012
I have configured vlans in 3560G switch but vlans notable to accessing Internet
View 6 Replies
View Related
Feb 17, 2013
We need to give differentiated internet access to three VLANs. Each one of this VLANs is used for totally different purposes, so traffic between the VLANs is not allowed. Each VLAN has its own internet access provided for the data center using one fast ethernet connection.
We're thinking about using cisco 2911 for Internet access, VPN and firewall. I suppose that best option for VLANs is using Catalyst 2960S or a swithing module for the 2911, but these two options are too expensive for us. We're thinking about using swtiches from the SB series (maybe a SG-200).
We're totaly newbies to VLANs so we have many doubts. This are our questions:
1) The 2911 has three on board ethernet interfaces; we have three VLANs and three internet connections, so we need to use HWICs to get three more ethernet ports. That's right?
2) We need three HWICs or there is some kind of HWIC with more that one ethernet interface?
3) The routing solution is to assign static routes in the 2911 for each interface connected to a VLAN through a 2911's interface connected to internet?
4) Simply connecting three different router interfaces with three different switch ports, each one of them assigned to one of the three different VLAN, are we going to get internet access for all devices in those VLANs? or do we need to configure something else like trunking, VSIs...?
5) Can we achieve our goals using the SG-200 switch?
6) We have the chance to use older routers, is this possible? We're specially interested in knowing if a 1841 or a 2801 router could be used for this setup.
7) This is not a production environment so we can use refurbished equipment.
View 4 Replies
View Related
Aug 3, 2012
I have a Cisco C3560CG which is running C3560c405ex-UNIVERSALK9-M), Version 12.2(55)EX2.The switch has vlan 1 and vlan 50 configured, vlan 50 should have access to a limited number of host in vlan 1.The following acl has been applied on the inbound to vlan 50:
10 permit tcp 10.16.30.0 0.0.0.255 host 192.168.15.243 eq 137 138 139 445
20 permit udp 10.16.30.0 0.0.0.255 host 192.168.15.243 eq netbios-ns netbios-dgm netbios-ss 445
25 permit icmp 10.16.30.0 0.0.0.255 host 192.168.1.243
26 permit ip 10.16.30.0 0.0.0.255 host 10.16.30.254
30 permit ip 10.16.30.0 0.0.0.255 host 192.168.15.254
[code]....
I sure the above would work, but for some reason some of the packet counter are not incrementing but the traffic is being blocked. But I would like to see the counter increment.Also I have that I may beed to use VACL wouls this be the case?
View 26 Replies
View Related
Apr 26, 2012
I have a 3550 l3 switch configured as follows:
vlan 10 ports 1-10
vlan 21 ports 11-20
vlan 30 port 21-30
vlan 40 ports 31-40
default vlan should be vlan 21
I have the servers, switch and router connected to vlan 21. Vlan 21 works great I can browse the internet, but I cannot ping any other vlans. router is connected to fa0/19
[code]
Building configuration...
Current configuration : 4833 bytes
!
version 12.2
no service pad
[code]....
View 11 Replies
View Related
Mar 10, 2013
I'm having some problems setting up vlans to talk to each other on a 3550-12T switch. Its quite a simple setup I have, but I need to split my network up.
Currently I have a network of 192.168.25.0 255.255.255.0 I want to create a new vlan network of 192.168.30.0 255.255.255.0 So I have configured my vlan1 (default vlan) to have an ip of 192.168.25.250 for getting to the management page
I have created a vlan2 of 192.168.30.1 255.255.255.0 ?I have a port 10 linked to one of my 3560G's?In port 9 which is on vlan2 I have my pc plugged in with a static ip of 192.168.30.50 from the router I can ping any device on 192.168.25.x.
I can not ping 192.168.30.1 (which is my vlan2) nor can i ping the PC.
I have enabled ip routing But I dont have a default route, this is becase we don't have a router on the network.
View 18 Replies
View Related
May 21, 2012
i have an OM1 MMF fiber run between two switches, the first being a 3750 and the second being a 3550.
The link currently exceeds the maximum distance for OM1 @ 1000Mb/s (220m) so i would like to downgrade the link to 100FX using the necessary SFP's/GBIC's to extend the maximum distance to 550m and run the link @ 100Mb/s.
I have the part code for the 100FX SFP to install in the 3750 (GLC-GE-100FX) but cant find a 100FX GBIC for the 3550, can I use a 1000SX GBIC (WS-G5484) for the 3550 at one end and the 100FX SFP at the other? Any success with this configuration over MMF?
View 3 Replies
View Related
Jun 4, 2013
I have a 3550 switch right now, and need to upgrade to a gigabit switch, so I'm looking at a 3560G-48. For some reason I purchased an EMI version of my 3550, but run the ipbase image...what I need to look for - is a 3560G-48-s good for what I need?
View 4 Replies
View Related
Jan 24, 2012
While working at a client site today, I was troubleshooting some ICMP connectivity for a network we have created.I turned on 'debug ip icmp" on the 3550 switch int he middle, and was inundated with the following debug output:
Jan 25 11:01:14.641: ICMP: dst (172.16.1.7) port unreachable rcv from 172.16.1.5
Jan 25 11:01:14.641: ICMP: dst (172.16.1.7) port unreachable rcv from 172.16.1.5
Jan 25 11:01:14.641: ICMP: dst (172.16.1.7) port unreachable rcv from 172.16.1.5
Jan 25 11:01:14.641: ICMP: dst (172.16.1.7) port unreachable rcv from 172.16.1.5
[code]....
This output fires several times a second, and based on how often it is firing, I am curious if it may be a culprit with respect to the fact that the client has indicated that they have some slow internet.Should the next step be to look at the workstation at 172.16.1.5?
View 10 Replies
View Related
Sep 30, 2012
I have cisco switch 3550 IOS Version 12.1(19)EA1c.
I can configure route-map commands on that. but i can not apply that into any vlan interface. while i try to apply the following command ( ip policy route-map PBR) on VLAN int i get an error msg saying that the command is not recognized.
View 3 Replies
View Related
Dec 9, 2012
Can i have HSRP or GLBP between two different switch like 3550 and 3560?
View 3 Replies
View Related
Nov 16, 2011
I need to block this mac address in my 3550 switch.i enable port security but this mac address comes and do the violation and port is shut down.
View 3 Replies
View Related
Mar 28, 2012
I live in a condo building that uses 3 Cisco Catalyst 3550 switches connected to a Comcast router with 100 Mbps download. Currently we regulate bandwidth by providing each user with 3 Mbps download. Even if only two people are active they still only get 3 Mbps download. I would like to set it up so if two people are using they each get 50 Mbps; a sort of 'dynamic qos. Is this possible with these switches? Would we have to purchase a Cisco router in order to provide this feature?
View 9 Replies
View Related
Dec 22, 2012
I am having trouble after creating a management vlan (99) on a 3550 switch.I have configured the vlan (99) and given it an IP (192.168.1.100) and a default gateway (my router address - 192.168.1.99).I can ping to the switch from a PC and vice versa. The management VLAN IP is fine but now I cannot ping to the router from either the PC or the switch.It seems that just by adding VLAN 99 with it's own IP address has now prevented pings from the switch/ PC to the router ?Due to the fact that I have created a new switch management VLAN with an IP, does this mean I have set up the router as a 'router on a stick' scenario ? [code]
View 4 Replies
View Related
Jul 14, 2012
I`m looking to automate some functions in a web application.Functions like enable/disable interfaces on a Cisco 3550 switch.
View 5 Replies
View Related
May 10, 2012
My cisco 3550 EMI switch is not responding to power connection. I have checked and changed power cable. its still not working.fan is not running and no lights on front panel
View 3 Replies
View Related
May 14, 2013
im having this strange issue where everytime i plug in a voip phone to my 3550 the switch disconnects another voip phone.then to fix the disconnected phone (7940) i need to power off the phone 5-10 minutes then power it on again.
but the strange thing is, once i have to do that to fix the phone and connect the phone back to the switch, the port link is up, but no macs are seen on that port.
View 1 Replies
View Related
Nov 9, 2011
Is there any command to display the GBIC in the switch because I need to replace 3550 but I have no exact part number
the model is WS-C3550-24-SMI
and try
sh inventory
sh hardware
sh diag
sh module
View 1 Replies
View Related
Jan 24, 2012
I have a 3550 switch that was replaced at a remote site with no IOS. This is a switch not a router so tftpdnld does not work.
[Code]...
The problem is the switches interface never comes up so try to connect to the tftp server. I read on google it can't be done on a switch to copy from tftp to flash in rommon mode on a switch and to use XMODEM. My problem is I do not have access to it, I ssh into a 3640 which is an access server for all devices and that is how I have console to it, how to use XMODEM over ssh.
But I'm fairly certain that there has to be a way to just copy it from tftp? I have a 3550 local and when I put it in rommon mode it stops the port check at port, port 1 goes from green when you plug it in to off then port 2 changes to amber and the rest green. So just by the look of this I would believe tftp would work; you just need to use port 1.
View 1 Replies
View Related
Feb 7, 2013
Our switch had a little crash-fest this morning at 2:30 AM. I did find a web page about diagnosing Software Forced Crash Exceptions, but it did not look like ours was one of the more easily-identifiable ones.
It may be worth noting that we've only used this switch for about a month, everything seemed fine until now. When we got the switch it did not have any GigE modules, and this week we put 2 into it and have been using them for 2 servers.
It looks like the switch was crashing repeatedly over a period of 20 minutes, and then it stopped and normalized. In the logs of the router that this switch uplinks into, we could see the ethernet port flapping during the time that the switch wasn't reachable.
Here's the Show Stack on the switch:
Sfld_3550# show stackMinimum process stacks:Free/Size Name4404/6000 vegas_flash init3352/6000 SaveCrashBuffer5716/6000 CDP BLOB8512/9000 IP Background5596/6000 vqpc_shim_create_addr_tbl5584/6000 SPAN Subsystem5552/6000 SASL MAIN4944/6000 vegas IPC process8704/9000 cdp init process5404/6000 RADIUS INITCONFIG4928/6000 Vegas CrashBuffer5664/6000 URPF stats2536/3000 Rom Random Update
[code].....
View 2 Replies
View Related
