Cisco Switching/Routing :: SG200 / 3550 - Creating VLAN And Isolating PC On Network
Feb 12, 2013
I was given a task of creating a vlan and isolating one pc to access an internal website (192.168.90.15) on a specific port (port 8080)The pc is connected in the following manner:
PC--> HP Switch --> Cisco Small Business SG200 switch --> 3550 Catalyst 1, 3550 Catalyst 2 and 3550 Catalyst 3.
I have created a vlan 110 on the Main 3550 Catalyst switch and successfully added the pc to that vlan.However, that PC must be able to access the internet and an internal website on port 8080.I have placed an access-list on the main 3550 catalyst switch which is connected to our router as below:
Client ip address: 192.168.100.2
VLAN 110: 192.168.100.3
access-list 110 permit tcp host 192.168.100.2 host 192.168.90.15 eq 8080access-list 110 permit icmp host 192.168.100.2 anyaccess-list 110 deny ip 192.168.100.0 0.0.0.255 ? I was unable to access the webserver even after many attempts.
View 2 Replies
ADVERTISEMENT
Feb 2, 2012
I have to configure failover Active/Standby on my ASA 5510.I am wondering how i could do for the outside interface, i mean, actually the ASA1 outside interface is linked directly to our Internet router.So now if i have to add ASA2 connecting to that router i will need a switch between them.I have already a switch for DMZ & LAN.The thing is that i will have to allow 3 switchs ports to communicate with each others.
- 1 for ASA1--outside
- 1 for ASA2--outside
- 1 for Internet router
How could i isolate these 3 ports to make them communicate alone ? Should i use VLAN for that ?And if i use VLAN, will this require to make any change of configuration on my firewalls (ASA1 & ASA2) outside interface ?I am a bit lost with this, if i am correct i will not have to do some "vlan tagging" on the firewall itself ?
View 1 Replies
View Related
Nov 20, 2011
I have a problem to create a VLAN with a Cisco 2801.,I need to have base ports FastEthernet 0 / 0 and FastEthernet 0 / 1, in the same VLAN.
Basically I'm trying to switch access redundacion, now I have redundant switches in which I have the servers, but if one of these switches fails, and,coincidentally is where I have connected the router, the server runs out of internet connection.,I idea is to connect the FastEthernet 0 / 0 to a switch, and FastEthernet 0 / 1, to the other switch,but I managed to have these two ports in the same vlan, in order to have a unique IP for both FastEthernet ports,As I can do this?. do is a lot of documents using the switchport command, but this command is not available in my router, I tried different IOS, and nothing.,currently I have the following IOS: c2801-adventerprisek9-mz.124-24.T6.bin
View 2 Replies
View Related
May 20, 2013
We have observed WS-C4507R-E got rebooted while creating the L3 VLAN ( while No shut).Is there any known bug for below IOS ?cat4500-entservicesk9-mz.122-40.SG.bin,
View 4 Replies
View Related
Jul 24, 2007
Does Catalyst 3550 switch support inter vlan routing ?
View 12 Replies
View Related
Jun 13, 2013
We are trying to replace the CSS between our firewall and DMZ with a BigIP. Among it's other functions, it will act as the router between the firewall and the DMZ. To make this work, I need to assign vlan tags values for the vlans I create on the BigIP box and these must match the tags on the cisco switches (3550's) How do I find this information on the switch?
View 2 Replies
View Related
Mar 10, 2013
I'm having some problems setting up vlans to talk to each other on a 3550-12T switch. Its quite a simple setup I have, but I need to split my network up.
Currently I have a network of 192.168.25.0 255.255.255.0 I want to create a new vlan network of 192.168.30.0 255.255.255.0 So I have configured my vlan1 (default vlan) to have an ip of 192.168.25.250 for getting to the management page
I have created a vlan2 of 192.168.30.1 255.255.255.0 ?I have a port 10 linked to one of my 3560G's?In port 9 which is on vlan2 I have my pc plugged in with a static ip of 192.168.30.50 from the router I can ping any device on 192.168.25.x.
I can not ping 192.168.30.1 (which is my vlan2) nor can i ping the PC.
I have enabled ip routing But I dont have a default route, this is becase we don't have a router on the network.
View 18 Replies
View Related
May 17, 2013
ARP broadcasts not reaching all VLAN ports on 3550
Cisco 3550, interface Vlan9
ip address 1.1.1.1 255.255.255.240 secondary
ip address 3.3.3.3 255.255.255.240
[Code].....
View 5 Replies
View Related
Dec 22, 2012
I am having trouble after creating a management vlan (99) on a 3550 switch.I have configured the vlan (99) and given it an IP (192.168.1.100) and a default gateway (my router address - 192.168.1.99).I can ping to the switch from a PC and vice versa. The management VLAN IP is fine but now I cannot ping to the router from either the PC or the switch.It seems that just by adding VLAN 99 with it's own IP address has now prevented pings from the switch/ PC to the router ?Due to the fact that I have created a new switch management VLAN with an IP, does this mean I have set up the router as a 'router on a stick' scenario ? [code]
View 4 Replies
View Related
Dec 12, 2011
I am attempting to create a mass upgrade server for some of our more standardized equipment since our vender cannot upgrade them pre-shipping for us, we've got to do them on our own. This means using a terribly organized wizard written in what appears to be Java...
I have an aversion to Windows and felt that I could accomplish the same thing using expect scripts and a Gentoo Linux server; now all I need is to set my Cisco 3550 (c3550-ipservicesk9-mz.122-44.SE6.bin) to have each port on it's own VLAN, except for fa0/1 which will be a trunk port to communicate with all ports as well as the server.
View 4 Replies
View Related
Feb 12, 2012
I have a Cisco SG200 26 Port Switch, 2 Cisco WAP4410N Access points, and a VLAN aware Router. I have created 4 VLAN's. For the sake of this conversation lets call them.
98 - Intel Vpro
99 - Management
100 - General
101 - Guest
The Access points are capable of doing V LAN tagging so I plan on having them tag a guest network as V LAN 101. That can get sent to the V LAN aware router and out. No problem. I have some devices, or management pages that I don't want accessible from the general network. (Intel V pro KVM, Remote Management Cards, AP Config Menus, Switch config menu...) . I need to be able to take a V LAN unaware device, plug it into port 1, and have it communicate with V LAN 98, 99 and 100.
View 1 Replies
View Related
Oct 1, 2012
I have a pair of Core VSS 6509E SUP 2T. Two different LANs, two diff. Subnets. larger LAN has been connected to the VSS pair usng normal SVI and Post-Channles (has lots of closets 3750 stacks) and no problem. Second LAN, two closets, stacked and connected to each other via Port channel and trunk + SVI interfaces. Now, I have SVI interfaces for both LANs on teh VSS pair and that is causing traffic from one LAN to jump over to the other VLAN and rightly so because the VSS pair see both subnets as directly connected subnets. I was wondring if I delete the SVI for the second LAN and only keep the L2 VLAN this will be resolved> The reason for the second LAN to connect to the VSs pair is only that It has to go through the VSS pair to get to the WAN router (both LANs will go out through this Same WAN router) but WAN router is not my concern at this time. I need to isolate these two LANs/subnets traffic so no one VLAM traffic jumps over the other.I have also thought about VRF but at this point I am not sure if teh 3750 stacks supports VRF and if it does how to implement VRF on the second and samller LAN to just allow it go through the VSS pair in order to get to the WAn router.
View 13 Replies
View Related
Sep 26, 2012
How do I configuring Private Class A [10.206.90.0/24] and Private Class C [192.168.1.0/24] Network on Cisco 3550-12G Switch.
View 3 Replies
View Related
Feb 26, 2013
My organization wishes to host a LAN gaming event. The setup I have in mind involves a 24-port switch for connecting all the player computers and having that switch connected to a smaller "core" switch which has the the game server and router connected to it. I'd like to know if I can set things up as follows...
SG200-26 with ports 1-24 on seperate VLANs so they cannot talk to eachother. I'd then like ports 25 and 26 to be an aggregated (for bandwidth and redundancy) trunk port to carry all 24 VLANs plus an additional management VLAN (ex. VLAN 100) that will be used for accessing the switch. I'd like those aggregated trunk ports to connect to an SG300-10 "core" switch which will be connected to the game server and to a router for internet access.
I'd like the ability to have two network connections from the game server to the switch, one on the management VLAN and one on a different VLAN (ex. VLAN 50) that will be accessed by the players (ports 1-24 on the SG200-26). The core switch needs the ability to perform restricted inter-VLAN routing, in that it doesn't allow VLANs 1-24 to talk to eachother but they can talk to the server's VLAN but only through specific service ports (ex. port 12345, 12346). Is this possible?
Furthermore how would I configure the SG300-10 to allow VLANs 1-24 to talk to VLAN 50, but not themselves or VLAN 100. As well, I'll probably have the router on it's own VLAN (ex. VLAN 60) and allow VLANs 1-24 to access it but only through HTTP port 80 for web access.
View 9 Replies
View Related
Aug 3, 2011
I just bought a SG200-18 in order to use LAG between a backup server and multiple computers and servers. Servers are supposed to all use 2 links and computers only 1.
As soon as I activate LAG on port 2 and 3, no matter what is connected on the switch I lose access to the switch interface (luckuly, it's still working on port 17 for a strange reason) and all computers / servers connected are randomly losing the network access. Everyrhing start to be slow but most servers and computers don't lose access to the internet. Browsing a web site will suddenly take ages but... it will work eventualy.
I already used LAG on other switch without a single issue.. The only uplink I have is to the router and I know that I don't have any issue with network cables....
So what am I doing wrong ??? I didn't even try to configure the TEAMING on the servers, just creating LAG on the switch will kill everything Oo.. I'm starting to think that my SG200 is dead out of the box.
View 4 Replies
View Related
Apr 27, 2012
My home network is up to now all hard-wired, nothing shared etc.I just got an ipad though, so do want to have wireless available now. I would like the ipad wireless router to be isolated so that the desktops run no risk from getting a virus via the ipad wireless connection.So, I was going to buy another router - would I be able to plug that into the wired router, and the desktop also plugged into the wired router, would that keep every part of the network isolated from the others?
View 8 Replies
View Related
Jul 26, 2012
Adding a vlan 820 to existing port channel trunk which currently allows many vlans. What is the best way to add vlan820 with least impact to network. Portchannels from 6513 core with IOS to Nexus 5k,Copy existing vlans, add 820 and paste under: switchport trunk allowed vlan 1,2,5,12,20,820
View 6 Replies
View Related
Apr 8, 2013
I could not ping 8.8.8.8 and access internet after creating the VPN. Below is my setup and router configuration: [code] From the router 1941, i could ping up to 58.185.149.141 but not up to 58.185.149.140. Since i cannot ping 58.185.149.140, i suppose i cannot ping 8.8.8.8. I am sure 58.185.185.140 is there as i use another PC which is connected directed to the office network instead of through the router 1941, it could ping 58.185.149.140.For your info, the g0/1/0 is connected to the PC while g0/1 is connected to the office network.
View 2 Replies
View Related
Jul 17, 2012
I currently work in the IT field part-time as a end-user support technician while I am finishing my Bachelor's Degree in Network Administration. I'm not completely new to networking at this point, but I am by no means a master of it either. The basics of small networks (less than 10 PCs) and the lower-end of small business grade Cisco equipment are not unfamiliar to me. Up until this point however, I have had very little experience with any higher-end Cisco networking equipment.
Now on to the questions, which may seem like the answers should be obvious, but let's face it, I do not have the resources to own much equipment myself at this time for experimentation purposes, nor does the school I am attending have a lot of financial resources to provide us with recent hardware to learn on. What I want to know are a few things about PoE as implemented on Cisco devices, specifically the SG200-50P small business series switch. According to the technical documentation, the switch supports PoE on 24 of its 48 ports, specifically 1 - 12 and 24 - 36; simple enough. The switch is currently installed in an office that has less than 24 connected devices, but that is currently expanding. None of the PoE ports are utilized as of yet, but going forward, there will be more than 24 connected devices. Will another switch need to be installed if the additional connected devices (PCs and printers) are not using PoE, or is the PoE an auto-sensing feature that will simply remain disabled if a device that does not require power over the network cable is connected? Is there some setting that needs to be changed through the management interface to keep devices that should not be drawing power from doing so?
There will likely be some additional questions generated by my inquiry, and I fully understand if these are completely novice questions, but I admittedly do not know the answer. When I Googled it, I was greeted by a few hundred thousand results, the first dozen or so pages of results all being for places to purchase this particular type of switch, so I thought I would try my luck on the forums of the place that made it.
View 1 Replies
View Related
Nov 21, 2011
New to Cisco devices and have had an ASR dropped in my lap.Running ASR1000-RP2 with System image file: asr1000rp2-advipservicesk9.03.03.00.S.151-2.S.bin Show Vlans returns: No Virtual LANs configured Router(config)#interface vlan?
<1-4095> Vlan interface number
But when I try an assign a Vlan number I get % Unrecognized command, or % Incomplete command
View 7 Replies
View Related
Dec 8, 2010
we have two Catalyst Express 500 switches and a ESW 520 just purchased. the VLAN on the other two is 2. how do I change the Default to be 2 instead of 100 in the ESW Switch.
View 3 Replies
View Related
Jul 17, 2012
I have problems in my Cisco network until I connected some Moxa devices.This Moxa are models EDS-316 and EDS-208
My principal trouble is the traffic UDP. Suddently the network don't permit the traffic UDP in VLAN where are connected Moxa devices.
During an hour the Moxa can send TCP traffic, but can't send UDP. If a Moxa device is unplugged from network, all devices connected to him can work offile from principal network, but if I plugg again the Moxa is like disable.
After one hour (more or less) the system restart all functions and work fine.I catch the logs from TXerrorsInPorts and all the ports where is connected a Moxa have errors all time.
I don't know which is the problem, but I think that problem is in negotiation from Moxa to Cisco.This is the configuration from a port where is connected a Moxa: [code]
View 1 Replies
View Related
Aug 15, 2012
we have an heterogeneous network with Cisco devices (6509-E, 3750G and 3560) and Alcatel 6850 devices. We have to enable a PTP Wifi line as a backup for the fiber line between two buildings. For this purpose, we have connected a wifi device to GigabitEthernet 0/47 of SWIHGJ1 and configured it as: [code]
View 2 Replies
View Related
Apr 18, 2012
I have a collapsed core design with routed ports between all components. Access layer switches, data center switches, core/aggregation. All routed (no spanning-tree at all).Now...I have to add an IBM BladeCenter with a BNT layer 3 switch to my topology. However, those nasties don't seem to support routed ports.How can I have a routed port on my cisco switch and a standard access port on the BNT and still establish an adjacency with an SVI? I am running OSPF, but I am labbing this in my home lab with 2 x 3550s and EIGRP.
On SW2:
*Mar 1 00:57:00.711: EIGRP: Received HELLO on Vlan100 nbr 10.1.1.1
*Mar 1 00:57:00.711: AS 999, Flags 0x0, Seq 0/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1
*Mar 1 00:57:02.303: EIGRP: Sending UPDATE on Vlan100 nbr 10.1.1.1, retry 9, RTO 5000 tid 0
*Mar 1 00:57:02.303: AS 999, Flags 0x1, Seq 17/0 interfaceQ 0/0 iidbQ un/rely 0/0 peerQ un/rely 0/1
[code].....
View 10 Replies
View Related
Mar 11, 2012
I am trying to configure a Cisco 871 router.I have 3 servers on my network that need static public IPs but also still need to communicate on the local network.
I have given my WAN interface the first IP in the block and set up PAT for the rest of the computers on the network which is working fine. Next I set up static NAT rules for the servers translating 3 of the remaining public IPs to the internal addresses of the servers.
I can access those servers internally using the public IPs but not from outside the network. A tracroute from outside the network gets dropped when it gets to my ISP.
I've never configured more than one static ip for a network before and i know i've just missed a step here. Do I also need to set up static routes? Will that update the next hop's routing table?
View 2 Replies
View Related
Jul 4, 2012
Does Cisco SG200-50 50 port gigabit smart switch have support for SNMP ? I have updated the firmware and still can not find any option for snmp.Sent from Cisco Technical Support iPad App.
View 3 Replies
View Related
Feb 19, 2013
My SG200-50P Switch Log appears as follows with Random ports going up and down. I am trying to find out if this links to another problem I'm having with a Client Server software locking up on the client end. The hardware, thin clients and desktops, are working and have checked all sleep and power settings. All items in working order, now I'm wondering about the switch
2147483369 2013-Feb-20 15:12:07 Warning %STP-W-PORTSTATUS: gi19: STP status Forwarding
2147483370 2013-Feb-20 15:12:02 Informational %LINK-I-Up: gi19
2147483371 2013-Feb-20 15:12:00 Warning %LINK-W-Down: gi19
2147483377 2013-Feb-20 14:51:31 Informational %LINK-I-Up: gi45
2147483378 2013-Feb-20 14:51:28 Warning %LINK-W-Down: gi45
[code]....
View 1 Replies
View Related
Oct 25, 2012
I bought a CISCO SG200-18 switch. I added the Switch to my LAN and started the Switch (as described in the manual). The Switch starts the booting procedure (green blinking status LED) After a while, the LED starts to blink orange and green, instead of steady green.
In generally the Switch seems to work. I can access my whole network, but not the web interface of the switch itself. I also can't see the switch in the ADSL / DHCP rooter.
I also tried to boot the switch only connected to the PC. But ping on 192.198.1.254 is not working. The switch is in the same subnet like my other LAN components.
Subnetzmaske . . . . . . . . . . : 255.255.255.0
Standardgateway . . . . . . . . . : 192.168.1.1
I exchanged the switch. But the new switch shows the same behavior.
View 3 Replies
View Related
Apr 11, 2012
Is L3 ip routing on by default in 3550s? If so is the "ip routing" command visible in the config file? If no - I assume that one would enable L3 routing with that config command.In general terms are there any IOS devices where ip routing is enabled and one would not see the "ip routing" command in config. I.E. if that command is not visible in the config could you assume there is no L3 capablity in that device?
View 1 Replies
View Related
Sep 18, 2012
The layer 2 switches are connected to layer 3 Switch via trunks, and routing between layer 2 switch ports with configured SVI's on 3550. All working fine. Now I'm trying to configure routing between 2800 and 3550, I tried connecting both Straight Throught and Crossover cables to the 2800 Fa0/0 and Fa0/1 ports as well as the switchports on 3550
No switchport commands are configured however, the lights do not go on for both straight through or crossover cables. I tried connecting 1750 routers but same result. My goal is to have all the VLANS routed to the internet with configuring NAT translation the router.
View 2 Replies
View Related
Apr 26, 2012
I have a 3550 l3 switch configured as follows:
vlan 10 ports 1-10
vlan 21 ports 11-20
vlan 30 port 21-30
vlan 40 ports 31-40
default vlan should be vlan 21
I have the servers, switch and router connected to vlan 21. Vlan 21 works great I can browse the internet, but I cannot ping any other vlans. router is connected to fa0/19
[code]
Building configuration...
Current configuration : 4833 bytes
!
version 12.2
no service pad
[code]....
View 11 Replies
View Related
Dec 2, 2011
I've been working with these two Cisco devices in my home off and on for several months now but I just can't take it anymore, I'm about to throw them away and go back to Linksys router.
I have a Cisco 2600 Router with only one Ethernet card in it so I have to trunk from my 3550 Switch to that device. I'd like to have my ISP and all users plug into switch and all trunk back to the router's sub interfaces. Currently, I have started over...again, and am unable to simply get the router and switch to ping each other if I put sub-interfaces on the router. See my configs:
2600 ROUTER:
Router#sho run
Building configuration...
Current configuration : 555 bytes
[code]......
3550 SWITCH:
Switch#sho run
Building configuration...
Current configuration : 2302 bytes
!
version 12.2
[code]..........
Port F0/24 is in VLAN 1, as are all ports but Port F0/1 which is my desktop PC. I mocked it up in Packet Tracer and it works just fine. This is just a simple setup and I'm making sure I can ping between switch and router before I move to each next step.
View 40 Replies
View Related
Jan 29, 2012
We have Nexus 7k running as my core with a 6500 manageing my server farm and IP services servers (call manager, IPTV ...)My edge switch are 4500s. We currently have RIP2 running between and the switchs and each 4500 is managing its own VLANs.The IPTV uses IGMP snooping and multicasting to broadcast the video feed. The problem that came up is that the we cannot configure a gatewar for the setup boxs for the IPTV system. They will only work on a single VLAN and they are spread all over the network.Can we configure only this VLAN to be propagated over our RIP network???
View 2 Replies
View Related
