Cisco Switching/Routing :: Layer 2 Link Configuration VLAN 2626
Apr 29, 2013
I've turned up a new layer 2 WAN link between two data centres and i'm having some trouble trying to logically figure out how things should be configured.As you can see from the diagram i've created, I have the link connected on port 13 on one switch and port 14 on the other. Both ports have an IP address assigned to them and they can both ping each other..
The problem comes when I need to add routes in order to get traffic flowing over the link.I added an IP address to switch 2 on the link interface (port 14) as: 192.168.4.10
I then added an IP address to switch 1 on the link interface (port 13) as:
192.168.1.10
192.168.2.10
When I tried to add 192.168.3.10, it said "192.168.3.0 overlaps with VLAN2626". This would be correct as Vlan 2626 has an IP address of 192.168.3.15.
However, if I remove the IP address from vlan 2626 and add 192.168.3.10 to vlan 2 (the link port VLAN), I would surely lose remote access to the switch. (I'm telnetting into the switch from a machine on vlan 2626).
I started to tinker with this by manually adding a route to a server in each location and seeing if I could get traffic to flow:
On server 1: route add 192.168.4.0 MASK 255.255.255.0 192.168.1.10 METRIC 1
On server 2: route add 192.168.1.0 MASK 255.255.255.0 192.168.4.10 METRIC 1
If I try to tracert 192.168.1.20 from server 2, the first hop is the default gateway instead of 192.168.4.10.
The ultimate goal is to add the static routes to the Layer 3 router/firewall, but before I do that, I need to be sure of what to add to that router (It's a manged firewall from the data centre, so I don't have access to it and I need to raise firewall change requests to get the work done, so want to ensure it's right first time.
View 9 Replies
ADVERTISEMENT
Mar 18, 2012
I want to setup VLAN with the switches SG300 and SLM2024. What is the suggestion to connect these 2 switches. We have the Juniper net screen.
View 1 Replies
View Related
Jun 27, 2012
I got a different scenario from one of my client.My client have two different branch offices and have 50Mbps point to point connectivity between them. All users in both braches using same series of IP pool ( 192.168.224.0/24) in both branches.Both branches he had only Cisco 2960S series switches only. And in both branches he is using IP cameras. He will monitor the assets by accessing IP cameras through the browser.His requirement is, he wants to prioritize the Video traffic( monitoring through the browser) over the normal data traffic.Note: He had a single VLAN only.
View 8 Replies
View Related
May 23, 2012
I been practicing with the configuration of layer 3 etherchannel configuration and i am facing a problem here. I have two 3560 switches and i want a layr 3 ether channel configuration setup between the first 2 ports of bothe the switches. I assign IPs to the Port-channel 1 of both the switches "10.1.1.1 /24 and 10.1.1.2 /24" but i am unable to get a successful ping. what am i doing wrong. below are the configs for bothe of my switches.
3560_1
Building configuration...
Current configuration : 1274 bytes
!
version 12.2
no service timestamps log datetime msec
no service timestamps debug datetime msec
[code].....
View 2 Replies
View Related
Sep 13, 2012
I understand the vlans on the catalyst side of the house on 2900 to 6500 Catalyst switches.
This 7010 running nx-os 5.1(3) I did not setup, but have to manage it. Hasn't really been a proble till now.
My nexus 7010 has a Layer 2 only vlan 11. It is "Active" but the interface is "shutdown". Yet, it is passing traffic across the directly connected ports on the nexus 7010 and to other switches in my network. Vlan 11 is being set out via VTP to all my switches and things are running fine.
I need to create another L2 only Vlan. I can't seem to find any docs that indicate that a Layer2 vlan Interface on nx-os should be in "shutdown" mode as part of the setup. I do see in the docs where it has to be set "Active" as part of the process.
Is this the correct way to seutp a L2 only vlan on nex-os? Leave the interface in "shutdown" but make it "Active"?
Mystery Vlan 4 and 6
The mystery deepens. I have other L2 vlans ,Vlan4&6 that are NOT defined as "Interface Vlan4" in the nexus config, yet it is applied to GigE ports on the nexus and these Vlans 4/6is also being sent out VTP to all switches. Even weirder is that these vlans have names associated with the numbers. These are valid Vlans that were configured on the old 6509 before the Nexus was installed.
I have checked all switches, NONE are running in Server mode for VTP, all are in CLIENT. The nexus 7010 is the only device running in VTP Server mode.
View 2 Replies
View Related
May 17, 2012
I configured the interfaces individually at L3 and could ping across each link Example:
4500 Switch 2: 6500 Switch 1
int t5/1 - int g3/17 1 Gig fiber link
tore down config
tried second set of interface
int t6/1 - int g8/17 1 Gig fiber link
Ping successful
[code]....
View 2 Replies
View Related
Apr 9, 2012
I am setting up a link between buildings that uses wireless links. I'm using Layer 3 routed ports on 2 3560 switches to handle the routing between sites. Normally I would just put these in a /30 and then the switches handle the rest. However, the wireless access points have a web interface for managing them that I want to be able to access, but it's only available on the single NIC that also carries traffic. What would be the best way of making this work? Should I make the link a /29 and give the access points an IP in the same range? If this is the case what do I use for the default gateway for the access points?
I have included a diagram to try to explain the issue clearer. The IP addresses in black are what I would do if this were a standard cable (and indeed this will work, but I wont be able to access the admin interface of the wireless AP) and the red ip addresses are the alternative if I use a /29 (but as I said, I'm not sure what to use for the default gateways).
View 1 Replies
View Related
Mar 24, 2013
In 3750 switch,I have configured intervlan routing.I have three vlans Vlan 10,vlan 20,Vlan 30 and I have assigned IP address for that Vlan.In vlan 10,I have connected one systen gigabitethernet 0/1 interface.From my system I am able to ping vlan 10 ip address but I can't able to ping other vlan ip address (vlan 20,vlan 30).Is it possible to up the protocol for all that time.
View 2 Replies
View Related
May 2, 2011
I have a headquarters office that has recently bought a new voice system.
We have a site to site connection from the head office to 3 remote offices. All have ASA5505 firewall.
I have created 2 interface on the ASA5505: 1: inside with vlan1 and switch port port12: voice with vlan100 and switch port port2
Port1 on the asa goes to port 23 on the switch for vlan data
Port2 on the asa goes to port 24 on the switch for vlan voice
Port23 is member of vlan1 data
I added vlan100 to port 24 but by default vlan1 is member and i can't remove it. Its greyed out
All ports on the switch are member of vlan1 and vlan 100 because the port on the switch goes to the phone and from the phone there is a port that goes to the PC. Phones are getting addresses, and PC as well.
I am having a kind of loop because there is 2 exit for vlan1 (port 23 and 24) and that's slowing down my system and sometime i loose the connectivity to my servers.
When i do a show arp on my asa, i do see that some IP are beeing learned on the wrong interface. some PC addresses 192... are on the voice and some voice IP 10.10... are on the inside.
I am pretty sure that the problem comes from my switch configuration.
View 7 Replies
View Related
May 28, 2012
I have a hybrid kind of network. I want to create create two VLANs on Cisco SGE2010 so that these two VLANs should not talk each other but at the same time they are able to talk Domain controllers, DHCP and other servers which are on other switches.I am able to create two separate VLANs but they stop talking with other servers(DC, DHCP, etc) which are on another switch.
View 7 Replies
View Related
Sep 15, 2012
I have 2 locations, at a distance of 600KM.These two locations are well connected by Point to Point L2 VLAN with a speed of 2 MBPS and supported by CISCO 3560G switches.Location A has a VLAN to communicate to the other VLAN at Location B. Location B has also got 3 VLANS which are inter connected with Location A.Now the hardware in one of VLANs in Location B has moved to Location A for obvious reasons.
For further refernce am giving the VLAN IP address here....
Location A
VLAN1 for communicatng to Location B
IP Range 172.20.44.210
Subnet Mask 255.255.255.0
Default Gateway 172.20.44.210
VLAN2 for the desktops in Location A
IP Range 192.193.194.1-255
Subnet Mask 255.255.255.0
Default Gateway 192.193.194.1
[code]....
View 3 Replies
View Related
Mar 18, 2013
I have a 3560 switch with 1 VLAN (VLAN 10) where I need to make ports:
1-10 as isolated (can't contact each other)
11-20 as community (need to contact each other like a normal VLAN)
23 as promiscuous (server that ports 1-20 need to get to)
24 as promiscuous (WAN router where ports 1-20 need to get to and the remote servers).
[Code]...
View 26 Replies
View Related
Dec 9, 2012
I am seeing an issue that after deleting/recreating one of the VDC in Nexus 7K, VLAN is not been able to be configured within the VDC although it is not actually a reserved VLAN. Could it be anything missing in the license installation? the version of the image is NX-OS 6.1.2
StorageVDC(config)# vlan 100
^
invalid vlans (reserved values) at '^' marker.
View 2 Replies
View Related
Jun 17, 2012
After a abrupt power cylce of 6509 switch, vlan configuration got missing. Switch has not crashed.
View 4 Replies
View Related
Oct 24, 2011
I have got a catalyst cisco 2960G series switch and via this switch I want to creat serveral vlans. I am getting a dhcp IP from a router and I want to setup my own vlan networks.
I plugged in the Ethernet cable that came from the dhcp router to port 16 of the cisco switch and configured the ports 1,2 and 3 for vlan 1, 2 and 3
the dhcp router has given me this IP 192.168.10.158 defautl gateway is : 192.168.10.1
when I plug in a PC to port 1 or 2 of the cisco switch I still receiving the IP from range 192.168.10.* but not from the range that I configured for the vlan 1 or 2.
Below is my startup configuration:
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
[code].....
View 28 Replies
View Related
May 22, 2013
I have a Cisco 2811 Router. I have two VLANS on the router. The first one of course is VLAN 1 and the second one is one that I created from reading everything from this forum.. it is called VLAN 531
On VLAN one I have an IP address of 10.8.1.1 and on VLAN 531 I have an IP Address of 172.16.1.1, now what I can do is this... I can.. from a workstation on the 10.8.0.0 segment, ping 172.16.1.1 and one server on that segment that has an IP address of 172.16.1.50, which is fine, but what I really want to be able to do is ping our email server which is on a 10.21.0.0 segment and I cannot. Any commands on what I would need to do to make this work as I would like the 172.16.0.0 segment to ping any other part of my LAN of my choosing.
View 12 Replies
View Related
Jul 1, 2012
Working on a C4948-10g switch. Trying to reset switch to factory settings. I have ran the Switch#>wr erase, command but the vlan's are still in the config. If you do a show vlan it still shows all the vlan text. I have tried the Switch#>delete vlan.dat, doesn't work. Tried Switch#>delete nvram:vlan.dat, doesn't work. Tried Switch#>erase startup-config, doesn't work. How can I get rid of the vlan's?
View 7 Replies
View Related
Mar 11, 2013
Using Cisco 2960 series switches (Have 8 . 2 stacks of 4) to replace 6 old switches. 4 old switches had IP ranges of 192.168.6.*** and all new switches have 10.1.*.* addresses. Core switch has 10.1. as well as 192.168 ip addresses but i need to configure one vlan (5?) to route to 192.168 address. PC's on 10. address taking a long time to access 192 range.
View 2 Replies
View Related
May 17, 2011
I just inherited a network and feel like.I am missing something. We use ATT&T Opt-E-Man which limits the MAC address to 50 for the connection or you have to pay.Hence the routing VLAN is the only access across the two sites.I have a VoIP vendor who insists on using the same VLAN for all sites. Upon exam the VLAN is at the remote site but it does not work.
View 2 Replies
View Related
Jan 15, 2013
My first question is I have an access layer switch which is a single VLAN and I am trunking that VLAN to a distribution layer switch, I can ping the gateway on the distribution layer switch for THAT VLAN, But cannot ping the gateway address for the second VLAN I have on the distribution layer switch. I know it is simple, But I have forgotten and just need a push
Also I have a third VLAN set to route traffic not bound for those 2 VLANs out to a router is the statement "ip route 0.0.0.0 0.0.0.0 172.16.252.2" good enough and do I actually need to create a VLAN for that traffic? and if so, is an access switchport the best option?
View 2 Replies
View Related
Feb 12, 2012
I was unable to configure vlan-based qos on Cisco IOS Software, s72033_rp Software (s72033_rp-IPSERVICESK9-M), Version 12.2(33)SXH6, RELEASE SOFTWARE (fc1) Seems to me my configuration is not working. Here is the output of the interface:
sh int G1/6 | i rate
Queueing strategy: fifo
30 second input rate 25231000 bits/sec, 4282 packets/sec
30 second output rate 46940000 bits/sec, 9257 packets/sec
And here is my configuration:
interface Vlan3
ip address 192.168.1.1 255.255.252.0
service-policy input TEST_IN_PMAP
service-policy output TEST_OUT_PMAP
[code]....
Why I can't see matches in ACLs? I've double checked the direction and seems to me it is correct. I can't see matches even I configure something like this:
10 permit ip host 192.168.1.168 any
20 permit ip any host 192.168.1.168
Why my output rate is higher than 30M? Is it bacause there is no matching traffic here in ACLs? I'm absolutely shure that this host with such ip connected to this interface:
#sh arp | i 192.168.1.168
Internet 192.168.1.168 0 feed.beef.f00d ARPA Vlan3
#sh mac address-table | i feed.beef.f00d
* 3 feed.beef.f00d dynamic Yes 0 Gi1/6
View 9 Replies
View Related
Jun 22, 2012
I have on 3750X stack with a few vlan
--------------------------------------------------
vvlansw06# sh vlan
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Gi1/0/6, Gi1/0/10, Gi2/0/5
Gi2/0/6, Gi2/0/37
10 LAN_10 active Gi1/0/16, Gi1/0/17, Gi1/0/19
[code]....
where are the others vlan?
View 3 Replies
View Related
May 19, 2013
In my core Switch,there are 2 v LAN(V LAN 1 & V LAN 2)my switch is Cisco 4948,so be default ip routing is enable in it. My all servers (DHCP,HTTP,HTTPS) are in v LAN 1 & internet is also in v LAN 1.
My requirement is that v LAN 1 user should not communicate with the v LAN 2 and vice versa. But the v LAN 2 users need an access of all servers and internet which is in v LAN 1. How to configure the access-list. I have try on Packet tracer which i have attached.
note:v LAN 2 user should get the IP from dhcp server which is in vlan1.
View 4 Replies
View Related
Jul 11, 2012
I have a SG300-28P switch. I just read in the Administration Guide that, when in Layer 3 mode, the switch doesn't support MAC-based VLAN or Dynamic VLAN Assignment.
So, in order to assign a client to a VLAN based on their MAC or based on the response of a RADIUS server, we have to disable layer 3 features. Without layer 3 switching, the switch is unable to act as a default gateway and forward packets between VLANs. As a result, the VLANs can't communicate in any way, or access the internet, unless a separate router is connected to every VLAN. Right? Doesn't this limitation significantly reduce the usefulness of the DVA feature?
View 2 Replies
View Related
Mar 6, 2013
I have a 2911 router connected to a 3750 switch. I have configured vlan interfaces on the 2911 router:I am using the vlan 89 (89.2) as the management ip address for me to remotely get to the switch. Is this a proper configuration or could this cause issues in the future.
View 4 Replies
View Related
Dec 12, 2012
We have a 24 port and 48 port 3560 E switches with identical IOS the 48 port switch supports private vlan while 24 port switch doesnt
configure private vlans on 24 ports 3560e and is it best practise to configure private vlan on this platform(3560)?
IOS version : C3560E Software (C3560E-UNIVERSALK9-M), Version 12.2(55)SE3, RELEASE SOFTWARE (fc1)
flash:/c3560e-universalk9-mz.122-55.SE3/c3560e-universalk9-mz.122-55.SE3.bin
View 3 Replies
View Related
Jul 5, 2012
I've recently purchased a Cisco catalyst 2960S-24TS-L & setup 3 V LANS 10 (no current IP),20 (192.168.2.1) and 30 (192.168.3.1) to reflect the router V LAN configuration & ip information. When connecting my PC to the switch to test connectivity on (2.1 & 3.1) I'm unable to connect to the the net but can successfully ping GW (int FE0.20 & FE0.30) 192.168.2.1 & 3.1.
The router is an Cisco 1801 & it seems this is where the configuration issue is but I'm unable to figure out how to complete the setup. It has been quite awhile since I've configured a Cisco router.
Ive never had this router connected to a switch so all router switch ports are in the default VLAN1 (192.168.1.2), with FE0 disabled. In trying to get the switch to communicate with the router I made the following router config modifications.
FE0 enabled with subinterfaces configured
FE0.10-currently no ip
FE0.20-192.168.2.1/27
FE0.30-192.168.3.1/27
I have two issues I want to resolve:
1) I do not know what additional steps are required to allow 2.1.& 3.1 V LANs to access the net.
2) I want to disable VLAN1 if possible & use the network IP for VLAN10 (192.168.1.0). I'm unsure how to do this as any change on VLAN1 immediately breaks router access and the router reconfiguration becomes more complicated with changes to the FW ACL etc.
View 2 Replies
View Related
Jan 28, 2013
I am going to creat VLANs very 1st time therefore for test purpose I have following simple scnerio.I have created 2 VLANs , VLAN2 and VLAN3 on Cisco Catalyst 2960 series switch. Ports 1-12 is assigned to VLAN2 and Ports 13-24 are assiged to VLAN3. Now I have configured DHCP on Microsoft Server 2003 defining 2 scopes with following configurations.
Scope 1 for VLAN 2--- Range is 172.16.0.17 to 172.16.0.30 with subnet mask=255.255.255.240 . Server IP address 172.16.0.17
( Note: Address 172.16.0.17 is excluded from dhcp server Scope 1 and give to the MS server itself)
Scope 2 for VLAN 3----Range is 172.16.0.33 to 172.16.0.46 with subnet mask=255.255.255.240 .
Now in Cisco 2960 series switches, under Vlan 2 and Vlan 3, I have following configurations...
interface Vlan2
ip address 172.16.0.30 255.255.255.240
ip helper-address 172.16.0.17
interface Vlan3
ip address 172.16.0.46 255.255.255.240
ip helper-address 172.16.0.17
Now the problem is when i connect a client computer to any port from 1-12, It gets correct IP address from Scope 1 but when I connect a computer to any port from 13-24, it does not get the ip address.
Further I want to do inter VLAN comunication as well for that purpose i Have an ISR 2900 series router. What further configuration i will have to do on router for inter vlan communication.
View 3 Replies
View Related
Apr 11, 2013
I am trying to connect two Asterisk Server (with DHCP server enabled on both) on a HP Pro Curve 2626 switch. Server A has IP address 192.168.2.1 and Server B has IP address 192.168.3.1. I created a two new VLAN on switch, VLAN2 for 192.168.2.0 network and VLAN3 for 192.168.3.1 network. I put the command "ip routing" on the switch. My goal is to be able to ping ip address from PC 1(VLAN2) to PC 2(VLAN3) and vice versa... I'm not sure what I am missing... By the way, there is NO ROUTER involved on this set up. I tried to Google and it says HP ProCurve 2626 is a Layer 3 switch so IP routing should be possible.
View 4 Replies
View Related
Apr 12, 2012
provide a sample Voice Vlan configuration for the Cisco 2960 POE switch to work with the Non-Cisco IP Phones?
Will these commands work? Vlan 2 is the new voice vlan, Vlan 1 is the data vlan.
mls qos
interface fastethernet 0/1mls qos trust cos switchport nonegotiateswitchport mode trunkswitchport trunk encapsulation dot1qswitchport voice vlan 2priority−queue outspanning-tree portfastspanning−tree bpduguard enable
vlan 2name voice
View 2 Replies
View Related
Mar 23, 2012
we got a dark fiber betwwen two sites away from each other 30 Km,i need to connect this sites acts as backup dc to main dc in main site using cisco 4900 Switches in BK-DC anf 6513 in the main site,how can i verfiy if this fiber oparates as L2 and i can extend vlan servers,is it via "sh cdp neigh" and "sh vlan br"?
View 2 Replies
View Related
Apr 22, 2013
I have pair of 5596 switches in vPC. One host say "HOST A" is connected to the primary vPC peer and other "HOST B" on secondary vPC peer.Both are in same VLAN 10. Both hosts are vpc orphan ports as their NIC is configured in active/standby mode.I have configured span session on both vPC peers with span source as VLAN 10 in rx mode.Span destination is connected to secondary vPC peer. The issue here is that I am not able to capture the traffic originating from HOST A destined to HOST B which is traversing vPC peer-link.Same issue occurs for the traffic in reverse way and span destination on primary vPC peer. In a nutshell, any traffic which crosses vPC peer-link is not getting captured.
What could be the issue and is there any solution for it. Below mentioned is the span config and relevant interfaces. [code]
View 4 Replies
View Related
Jan 2, 2012
I need to implement the shaping VLAN only on the trunk link between the 6500 and 3560. [code]
View 8 Replies
View Related
