I was assigned a task to configure an SG300-28P to have 3 different vlans.Now on VLAN1 their will be only one device configured with static IP 192.168.0.230,On the other 2 VLANS there will be a separate router connected on each one of them and will also act as a DHCP server.
View 4 RepliesI have purchased these two switches from ebay as a test lab, I plan to connect them up via a gigastack modulecable and enable ip routing on the c3550 and vlans to talk to each other.
I'm very much a procurve person and really need to get into the cisco switching.I will want to trunklacp between the switches - whats the process is setting that up on cisco switches?
Is it possible to have multiple dhcp pools for multiple VLANs? The switch is a 6509 and/or 4506 catalyst. I don't want to use server-based products.
View 5 Replies View RelatedI have 2 SG300-10 switches, and I need two VLANs, one for internal network and one for WiFi APs.I need ports 1->4 on both switches to be part of 1st VLAN and ports 5->8 on 2nd VLAN; and port 10 uplink to 2nd switch.How I set up the VLANs and interface VLAN mode?
[code]...
I am trying to setup VLAN's in the company I work for and I am almost there but missing the part when the internet works.I have an SG300 as a L3 Router IP 192.168.0.93.I have created VLAN20 and VLAN40 Assigned VLAN20 192.168.2.1 and VLAN40 192.168.4.1
The static routes have been created and a default router going to the Sonicwall firewall at 192.168.0.1.Port 24 is configured as Untagged VLAN1, Untagged VLAN20 and VLAN40 in trunk mode and going to the Sonicwall NSA 2400. [code]
Working to move all 192.168.0.x network off of VLAN1 and move it a management switch.I have DHCP helper on pointing to the DHCP server.Both VLAN's once the DHCP server is configured to Gateway 192.168.0.93 can get an IP from the correct subnet either 192.168.2.x or 192.168.4.x
All PC's are getting a GW IP of 192.168.2.1 pr 192.168.4.1.All test PC's on both VLAN's can ping each other and any server with the correct GW.When I try to ping google.com or open a web page and try google.com it times out.
I have spent several days tearing my hair out trying to properly configure our small business switch (SG300-10p) for voice. The phones are a relatively new addition and will replace old POTS phones.Our network consists of a 1941 ISR router, the SG300-10P switch, a mac server (handing DHCP, DNS, AFP), 4 client desktops and 4 SGA525G2 IP phones. The router, server, desktops and phones all have their own connection to the switch and the second data ports on the back of the IP phones are not used. We do not have any unified comms devices for voice. Our VOIP solution is hosted by a local SIP provider, and each phone independently registers with the provider's SIP proxy over the internet.
Left almost to it’s own devices (or presumably flat, default settings on VLAN 1), this whole setup works just great. We can TFTP files, make and receive calls, and do all the usual XML stuff. Calls are crystal clear. Even the localisation and directory works. However, I’ve been told several times that to ensure good quality on VOIP calls during periods of busy traffic, I should set up some form of QoS. A Voice VLAN on the switch, I was told, is the best way to do this as it automagically gives priority to the whole voice VLAN over the normal data VLAN.
I have followed instructions in numerous manuals, articles and guides, and have managed to create the Voice VLAN, both manually and automatically (I can watch Smartport detect the phones and see the Auto Voice VLAN add the ports to the VLAN as I connect them). The trouble is, as soon as this happens, the phones lose connectivity with the rest of the network, including the DNS server and the router, and therefore the internet, causing them to lose registration with the SIP service.
I tried adding the server and router ports to the Voice VLAN and tweaking every possible combination of tagged, untagged, excluded, trunk, access, general and PVID settings I can think of (by the way, I have no idea what any of those mean). The switch is in Layer 2 mode, but adding the port connected to the router to all the VLANs does not result in internet connectivity to the phones. I have told the phones to tag frames with the VLAN ID and told them not to. I have tried upgrading firmware and I have rebooted the switch so many times I'm tired of those wretched little flashing lights.
Nothing seems to work. And so I am stuck with everything on VLAN 1. My most recent thought is that the 1941 needs to know about the Voice VLAN (I checked CDP and it knows about the switch), but I’m reluctant to start messing with the router config when this is our production network, at least without knowing what I'm doing. I don’t even know if QoS applies when a Voice VLAN is not set up and we're on VLAN 1, some articles say yes, others say no. And when it is set up right, how does that priority transfer to the router? I’ve looked in the router manual and config options and found something called 802.1Q, but I have no idea what it is, how it works or even if it applies to our situation. Can I forgo VLANs altogether and use QoS some other way, perhaps?I have googled enough to cobble together our setup in IOS up until now. Ideally, I would still like to be able to ssh or https into each device (as I do now) for management, and I’ve read about setting up a another VLAN for config, monitoring etc, but I guess that would mean routing between VLANs in Layer 3.
Is it possible to configure both Catalyst WS-C2960-24PC-L and Switch Cisco SG300-28 to work together for VLANs for voice and data ? If yes, can you give me the resources which I can refer to ?
View 4 Replies View RelatedI just received a new Cisco SG300-10 and am configuring it in Layer 3 mode. I am trying to setup multiple routed VLANs going back to a FiOS Actiontec router. My configuration is as follows.
Fios Router: 192.168.1.1
Assigning DHCP 192.168.1.2 through 100.
SG300-10 has VLan 1 ip 192.168.1.5 used for Mgmt.
VLAN2 is 10.0.2.1
VLAN3 is 10.0.3.1.
I have a static route set on the fios router for both subnets setup as follows.
Destination 10.0.3.0 Gateway 192.168.1.5 Netmask 255.255.255.0 Metric 1
Destination 10.0.2.0 Gateway 192.168.1.5 Netmask 255.255.255.0 Metric 1
I have a laptop connected to Gi8 on the Cisco (Vlan 3) and statically assigned 10.0.3.3, with a gateway of 10.0.3.1. DNS set to the fios router (192.168.1.1).
Everything pretty much works EXCEPT, I cannot get out to the internet from either vlan. Traffic routes between vlans/and the default subnet on the fios without issue.
When I ping out, DNS resolves, but will not go past the fios router. Am I missing a setting somewhere?
I recently set up a Cisco 881 to cover a small business network. The router is currently set up and working as expected. We recently decided to move to VoIP phones and here is where I'm running into some issues.
First an overview: We run a network with a cable internet WAN connection, this connection is DHCP, however we have a static IP through our ISP. We also have a block of 30 additional IP addresses for one to one mapping as we need them. The new VoIP system is being run over T1 lines throughout the township (we are a municipal organization) and the VoIP system is being run to about 5 buildings in the township.
This brings me to the topic of VLANs. As the phone engineer explained it to me, there is a network set up over the T1 that allows the VoIP equipment to talk to one another and operates all of the VoIP phones on one network. The equipment that is being installed at our building connects to the network over the T1 and "talks" to the other equipment on the network. The engineer wants to create a VLAN and run it on ports fa1 and fa2, with the fa2 port being connected to the actual "MPLS" (their term) that connects to the T1 and into the cloud, and the fa1 port connected to the internal phone switch.
TLDR; The problem is this: When we attempt to set up the VLAN on ports fa1 and fa2, we have no connectivity with the other units in the external VoIP cloud. Pinging while directly connected to the "MPLS" yields successful pings, while pinging from the router with the "MPLS" connected to fa2 yields failures. I'm going to post the running config below, I feel like what we're doing should be working. I asked around about subinterfacing, but others seemed to think this was not necessary.
ROUTER CONFIG
Building configuration...
Current configuration : 4909 bytes
!
! No configuration change since last restart
version 15.1
[Code].....
Switch: SG500 VLANS: 1 (default) xxx.xxx.0.0/24 network, 150 (device management vlan) xxx.xxx.150.0/24 network I am plugged into port 1. This is a trunk port with VLANs assigned as follows: VLAN 1 (Default) - UntaggedVLAN 150 (dev mgmt) - Tagged Device is plugged into port 2. This is an access port with the following VLAN assigned: VLAN 150 - Untagged Why is it I cannot communicate with the device on port 2?
View 1 Replies View RelatedI have a above said switch at my remote office (600KM) which is connected with L2 Point to Point leased line. Both the ends I have Cisco 3950 catalyst switches with Vlans configured at both the ends. Now, for obvious reasons I should remove the other end 3950 switch and replace with Cisco 2950 switch. The other end 3950 is having 4 Vlans configured on 4 ports. Now my requirement is, I should configure 3 Vlans (one for P2P, one for 10 Desktops and one for to bring traffic from other network).
View 1 Replies View RelatedI can not get dhcp to work.I can ping from the switch to both vlans...
here is my config for the router.....
Router is a 1760
Current configuration : 1379 bytes
!
version 12.4
service timestamps debug datetime msec
[Code]....
I have a a hardware server running a VM hosting virtual servers which are all on different VLANs. My challenge now is to configure the switchport that the server is connected to, to see all the VLANs needed by this VM. The VM has an IP that is used for managing the server VMs which is on a different VLAN also.
My switch is a 2960 switch and it is presently trunked from the core switch.
I am aware that private-vlans are not supported on edge switches like 2960 series - so my question is would it be possibel to ceate private vlans on say just the core switch which would be a 3570 or 4506 that supports private vlans and then just trunk these to the edge like normal vlans?
what I need to achive is to have edge port not able to communicate to each other even across switches - which cannot be done using 'protected' port so need the private vlan feature
I would like to configure a 3750 switch port to be able to use two vlans. I know you can do this with a voice and data vlan, but what about two data vlans ? Say I have two devices, one on a 10 subnet and the other on a 172 subnet, but i only have one wall jack for both devices to plug into. So I use a mini switch to connect both devices and connect the switch to the wall jack; and of course this all leads back to one switch port. When I go to enter the switchport access vlan 172 cmd, how would I also make it so the device on the 10 subnet could route out ?
View 9 Replies View RelatedWe need to give differentiated internet access to three VLANs. Each one of this VLANs is used for totally different purposes, so traffic between the VLANs is not allowed. Each VLAN has its own internet access provided for the data center using one fast ethernet connection.
We're thinking about using cisco 2911 for Internet access, VPN and firewall. I suppose that best option for VLANs is using Catalyst 2960S or a swithing module for the 2911, but these two options are too expensive for us. We're thinking about using swtiches from the SB series (maybe a SG-200).
We're totaly newbies to VLANs so we have many doubts. This are our questions:
1) The 2911 has three on board ethernet interfaces; we have three VLANs and three internet connections, so we need to use HWICs to get three more ethernet ports. That's right?
2) We need three HWICs or there is some kind of HWIC with more that one ethernet interface?
3) The routing solution is to assign static routes in the 2911 for each interface connected to a VLAN through a 2911's interface connected to internet?
4) Simply connecting three different router interfaces with three different switch ports, each one of them assigned to one of the three different VLAN, are we going to get internet access for all devices in those VLANs? or do we need to configure something else like trunking, VSIs...?
5) Can we achieve our goals using the SG-200 switch?
6) We have the chance to use older routers, is this possible? We're specially interested in knowing if a 1841 or a 2801 router could be used for this setup.
7) This is not a production environment so we can use refurbished equipment.
We have a customer that is relocating thier headquarters. They have a temporary requirement to bridge multiple vlans or a router T3 link to the new location as they cannot change the IP subnets. Setup is 3560 switch connecting to a 3845 then T3 to remote 3845 and 3560. I need to bridge multiple VLANs. I have seen a good example on how to do it over sonet but I don't see how to translate that to an HDLC or Frame Relay encapsulation for the T3 Link.
View 5 Replies View RelatedI'm going to have several SG300-28P switches to setup. I'll need to create multiple vlans for data, voice, and wireless traffic. I have the following questions in setting up this configuration:
VLAN 1 Management
VLAN 100 Data
VLAN 200 Wireless
VLAN 300 Voice
1) For managing the switches via IP, will LAN1 be the default management network? Should I create a seperate VLAN for managing the switches?
2) For uplinking the switches together, I plan to trunk a port to connect the switches together. What's the configuration on the trunk port to forward all vlans from one switch to another?
3) On some ports, I want to configure a trunk for two vlans (Data and Voice) where the phone has a pass through for PC. The phone supports tagging for the PC and the VoIP traffic. For example on port 10, would VLAN 100 and 300 be set to tagged?
I have a Cisco SG200 26 Port Switch, 2 Cisco WAP4410N Access points, and a VLAN aware Router. I have created 4 VLAN's. For the sake of this conversation lets call them.
98 - Intel Vpro
99 - Management
100 - General
101 - Guest
The Access points are capable of doing V LAN tagging so I plan on having them tag a guest network as V LAN 101. That can get sent to the V LAN aware router and out. No problem. I have some devices, or management pages that I don't want accessible from the general network. (Intel V pro KVM, Remote Management Cards, AP Config Menus, Switch config menu...) . I need to be able to take a V LAN unaware device, plug it into port 1, and have it communicate with V LAN 98, 99 and 100.
My problem is that I have a Cisco 300 series small business switch with multiple VLANS each one with an IP address and two or three ports assigned to each VLAN. I have an E3200 wireless router that I want to use to use to share internet on the switch. All of the VLANs are reachable from the other VLANs and I've put a static route on the E3200 so that I can reach the VLANs from a machine connected only to the router. But I can't reach machines on the otherside of the router or get to the internet from the switch.
View 3 Replies View RelatedI have a SG300-28P that is our Main VLAN Switch. Though the VLANs that I have on it are there mostly because of our Edge Router and our AP541Ns.We have the Following VLANs defined (Subnets Changed to conseal Piblic IPs) [code]
VLAN200 and VLAN201 come into Our Edge Router and out on a Single GE Port via VLAN Tagged to thje SG300.The SG 300 Splits them out to Untagged Ports and they are connected to Two Firewalls, each with a IP in the 200 and 201 Subnets. The AP510 has the VLAN200, VLAN192 and VLA101 tagged Subnets sent to it. The AP521 has three SSID, each associated with a Paticular VLAN.
This all works fine, though there are a few hidden flaws. Since all of the VLANs are present, both Internal and Public IPs, one could craft packets form one network and use the SG300 as its gateway to the other subnet and Gain Access. How can I isolate the Subnets, so that I can still use the SG300 as a Default Gateway for the 10.1.0.0/16 Network Make it so if someone from the 10.1.0.0/16 netwok accesses the 201.201.201.0/24 Subnet it uses the SG300's 0.0.0.0 0.0.0.0 default router (the Firewall IP) and not the VLAN InterfaceIf somone in the 201, 200, 192 Subnets uses the SG300 as a Gateway and tries to access a 10.1.0.0/16 address it gets blocked.
I've seen lots of posts from people having problems routing traffic between two vlans with some complicated examples. Any simple step-by-step example for an SG300 switch (in layer 3 mode) to configure two vlans and sending traffic between the two vlans without an external router?
-VLAN1 10.10.10.0
-VLAN2 10.10.20.0
I've tried to do this through the GUI and can't seem to make it work. I'm missing something in the GUI.
I have a RV180W and a EnGenius EAP350 Access Point. The EnGenius supports multiple SSID's and VLAN tags them. If port 1 on the RV180W has VLAN 1 untagged and VLAN2 tagged, any connection to the EnGenius always gets an IP from the VLAN 1, even though they are connected to the SSID which is tagged with VLAN2.
View 3 Replies View RelatedI have 2 ASA5510's acting as routers/firewalls, setup on a LAN, each one pointing to a different gateway (different ISPs), and the exact same VLANs set up as sub-interfaces on each of these. Both act as DHCP relays to a Windows Server 2008 DHCP server. All the Trunking has been setup and works. When I Untag a switch port, and point it to whichever gateway?
View 2 Replies View RelatedI've got an aol engineer visiting Thurs.to examine connection loss (since last Weds). But I'm convinced the problem is with the router. But from the tone of the aol tech questions I suspect he's already briefed his engineer to do his best to represent the problem as being either with my computer or positioning of router/filters/condition of wall-sockets - usual getouts.The talktalk router is neww, issued Feb 12, after my original router, speedtouch, started suffering idle timeouts every day.
View 3 Replies View RelatedI can connect to this router via Lan and have no problems.Via Wi Fi it connects but will not communicate with the router or see find the router vias ip address..I have turned on auto ip finding in network settings for Lan and for Wireless but wi fi still does not allow access to internet. It just says local only.when i go to Command prompt and do ipconfig /all it says all DHCP enabled are off!!
View 1 Replies View RelatedI have a c3560 that on Port 1 I can not get any device to talk to the DHCP server.Previously there was a client connected to this port however over the weekend he stated he lost connectivity.
In my troubleshooting I have connected that client to another port and now he is good to go...I connected my laptop and tried to connect to the network however I could not.I checked the logs and did not see anything that lead me to think it was having problems.
Is there another way to shut this down and hopefully start it back up without having to restart the entire switch?
how i can configure a second ssid for guest access in our environment. this is our network setup prior to this request: Internet----Firewall (not ASA)---ce520---C1131AG and CME router is also connecting to the ce520 switch. we only have two vlans: one for voice and two for data.
Presently, there is no vlan configured on the AP because it on broadcasting ont ssid and wireless users gets IP from a windows DHCP server on the LAN. the configuration on the ce520 switch port for the AP and other switches say access vlan is the DATA vlan which automatically becomes the native vlan for all trunk port connecting the AP and other Stiches to the network.
Now with this new requirement, i have made my research and i have configured the AP to broadcast both the production and the guest Vlans. The two vlans are 20-DATA and 60-Guest. I made the DATA vlan on the AP the native vlan since the poe switch is using the DATA vlan as native on the trunk ports. I configured the firewall to serve as DHCP server for the guest ssid and i have added the ip helper-address on the guest vlan interface on all switches while the windows server remains the dhcp server for the production DATA Vlan. I have confirmed that the AP, switches can ping the default gateway of the guest dhcp server which is another interface on the firewall. I can now see and connect to all broadcasted ssids but the problem is I am not getting IP addresses from both the production dhcp server and guest dhcp server when i connected to the ssid one at a time. My AP config is attached below.
Do i need to redesign the whole network to have a native vlan other nthan the data vlan? Does the access point need to be aware of the voice vlan? Do the native Vlan on the AP need to be in Bridge-group 1 or can i leave it in bridge-group 20?
My question is if I can configure 3 ssid, for 3 different VLAN and add the DHCP address from a WAP4410N AP, when you upgrade to the latest version of IOS I can have this functionality?
View 2 Replies View Relatedi am having trouble connecting my msi laptop to my talktalk to router i have another laptop that i cant really use however i turned it on to c if i can connect it to internet and i can but can not not matter what i do connect this one.
View 4 Replies View Relatedi am trying to get a SG300 work as a router between VLAN's?So fare without any lock?Test setup one SG300 switch and 2 PC's ?Ping works from host to VLAN IP's, but not from host A to host B
Here is the host configuration
<TABLE style="BORDER-BOTTOM: #000000 1px solid; BORDER-LEFT: #000000 1px solid; WIDTH: 400px; BORDER-TOP: #000000 1px solid; BORDER-RIGHT: #000000 1px solid" class=jiveBorder border=1 cellSpacing=0 cellPadding=3 mcestyle="BORDER-BOTTOM: #000000 1px solid; BORDER-LEFT: #000000 1px solid; WIDTH: 400px; BORDER-TOP: #000000 1px solid; BORDER-RIGHT: #000000 1px solid">
[code]...
Here is the switch configuration
SG300 with FW 1.1.2.0 configuration i L3 mode
set system mode router
confip routing (needed on SG300??? - ti is on a 3560 i PacketTracer)
vlan databasevlan 5vlan 6vlan 7
[code]...
I have just purchased a SG300-28P switch I am using a GUI to do my config. I cant create VLANs just fine on this but I can not assign IP address to the VLANs.
I just want to have a Data and Voice VLAN on this I am planning on leaving data on VLAn 1 but I can't seem to find an option to assign an IP address to my voice vlan.
For some odd reason I cant access this switch using a console port.
I have 2 sites located 500 meters away and i connect it via 2 x RVS4000. I managed to get the site to site VPN up Via internet and from my network 192.168.1.x able to reach 192.168.2.x. -where 192.168.1.100 (user try to acces my FTP server 192.168.2.99) has no issues but it's slow due to my internet connection speed.
So i setup another link via wireless( wireless bridge ) purpose is to resolve slow connection via internet.
But some how i try to set traffics divertion from 192.168.1.x to 192.168.2.99 via local LAN faild.
how possible to setup the network such as picture attached with RVS4000?