02-20-2022 09:15 AM
Hi,
Do any of you have skills in the Cisco ISR 900 Series?
I am setting up a network infrastructure with a c921-4P router and two Cisco SG250 switches. All devices are new and without any configurations on them.
when I wanted to create my sub-interfaces on the trunk port of the router, I understood that it was not possible because the ISR 900 series manages its LAN ports like a switch.
I'm in a bad place because my work to get to this point is totally broken now.
My questions are to find a solution and a good process to make my infrastructure available to manage four Vlans distributed on the two switches having the c921 router as master.
I've searched a lot but haven't found any good answers so far:
- Should I create a VTP configuration on the router to be the server and configure both switches to be clients?
- If not, what should I do?
- I have trouble understanding how to do the wiring?
- And I have trouble understanding how the router part works?
Thank you in advance for your feedback
Benjamin
Solved! Go to Solution.
02-20-2022 09:43 AM
Hello,
below is a basic configuration for the 921. Coonect the SG250 switches to an RJ-45 LAN port, and GigabitEthernet 5 to the ISP router/modem.
Current configuration : 1087 bytes
!
! No configuration change since last restart
! NVRAM config last updated at 06:11:03 UTC Mon Sep 17 2018
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C921
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
license udi pid C921J-4P sn PSZ22241C1T
!
redundancy
!
ip dhcp excluded-address 192.168.1.1
!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8
!
interface GigabitEthernet0
description Link to SG250_1
switchport access vlan 1
!
interface GigabitEthernet1
description Link to SG250_2
switchport access vlan 1
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet5
description Uplink to ISP
ip address dhcp
ip nat outside
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet5 overload
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet5 dhcp
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
control-plane
!
vstack
!
line con 0
line vty 0 4
login
transport input none
!
scheduler allocate 20000 1000
!
end
02-21-2022 10:15 AM
Hello,
if you need several Vlans, create the Vlan interfaces on the router, and the GigabitEthernet interfaces on the router that connect to the swtches as trunks.
02-22-2022 11:01 AM
Hello,
the default router IP addresses configured in your DHCP pools need to be the same as the Vlan interface IP addresses:
Current configuration : 1826 bytes
!
! Last configuration change at 16:30:12 UTC Tue Feb 22 2022 by
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RZA
!
boot-start-marker
boot-end-marker
!
enable password
!
no aaa new-model
!
ip dhcp excluded-address 192.168.x.1 192.168.x.15
ip dhcp excluded-address 192.168.x.1 192.168.x.15
ip dhcp excluded-address 192.168.x.1 192.168.x.22
!
ip dhcp pool vlan_
network 192.168.x.0 255.255.255.0
default-router 192.168.x.1
dns-server 8.8.8.8
!
ip dhcp pool vlan_*****
network 192.168.y.0 255.255.255.0
default-router 192.168.y.1
dns-server 8.8.8.8
!
ip dhcp pool vlan_
network 192.168.z.0 255.255.255.0
default-router 192.168.z.1
dns-server 8.8.8.8
!
ip domain name
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
license udi pid C921-4P sn PSZ25521HCQ
!
username password 0
!
redundancy
!
interface GigabitEthernet0
description link to ODB
switchport trunk native vlan 199
switchport mode trunk
no ip address
!
interface GigabitEthernet1
description link to GZA
switchport trunk native vlan 199
switchport mode trunk
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
ip address dhcp
duplex auto
speed auto
!
interface GigabitEthernet5
no ip address
shutdown
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.x.1 255.255.255.0
!
interface Vlan2
ip address 192.168.y.1 255.255.255.0
!
interface Vlan2
ip address 192.168.z.1 255.255.255.0
1
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip ssh version 2
!
control-plane
!
line con 0
line vty 0 4
login local
transport input ssh
transport output ssh
!
scheduler allocate 20000 1000
!
end
02-20-2022 09:43 AM
Hello,
below is a basic configuration for the 921. Coonect the SG250 switches to an RJ-45 LAN port, and GigabitEthernet 5 to the ISP router/modem.
Current configuration : 1087 bytes
!
! No configuration change since last restart
! NVRAM config last updated at 06:11:03 UTC Mon Sep 17 2018
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname C921
!
boot-start-marker
boot-end-marker
!
no aaa new-model
!
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
license udi pid C921J-4P sn PSZ22241C1T
!
redundancy
!
ip dhcp excluded-address 192.168.1.1
!
ip dhcp pool LAN
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
dns-server 8.8.8.8
!
interface GigabitEthernet0
description Link to SG250_1
switchport access vlan 1
!
interface GigabitEthernet1
description Link to SG250_2
switchport access vlan 1
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
no ip address
shutdown
duplex auto
speed auto
!
interface GigabitEthernet5
description Uplink to ISP
ip address dhcp
ip nat outside
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
ip nat inside
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip nat inside source list 1 interface GigabitEthernet5 overload
!
ip route 0.0.0.0 0.0.0.0 GigabitEthernet5 dhcp
!
access-list 1 permit 192.168.1.0 0.0.0.255
!
control-plane
!
vstack
!
line con 0
line vty 0 4
login
transport input none
!
scheduler allocate 20000 1000
!
end
02-21-2022 09:54 AM
Hello @Georg Pauwen,
Thank you very much for your answer, I will do it tomorrow as soon as possible.
- And to access several VLANs, I configure go0 and go1 as a trunk on the router and the same on the switches, could that be it?
- And I also create the VLANs on the switches according to their distribution on the ports?
I understand better how the router works now, again thank you very much and I will tell you how it works !!
Benjamin
02-21-2022 10:15 AM
Hello,
if you need several Vlans, create the Vlan interfaces on the router, and the GigabitEthernet interfaces on the router that connect to the swtches as trunks.
02-22-2022 07:39 AM
Hello @Georg Pauwen,
ok thank you, I run the config and let you know
02-22-2022 10:40 AM
hello,
I think I forgot something or there is a configuration that blocks the dhcp attribution.
The SG250 does not seem to want to switch from operational mode to trunk mode
RZA : router c921-4P
GZA : switch SG250-26P
- int gi1 GZA (picture1) and int gi1 GZA switchport (picture 2) :
- int gi1 RZA switchport (picture 3) :
02-22-2022 10:47 AM
RZA (router) running-config :
RZA#sh running-config
Building configuration...
Current configuration : 1826 bytes
!
! Last configuration change at 16:30:12 UTC Tue Feb 22 2022 by
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RZA
!
boot-start-marker
boot-end-marker
!
!
enable password
!
no aaa new-model
!
!
!
!
!
!
!
!
ip dhcp excluded-address 192.168.x.1 192.168.x.15
ip dhcp excluded-address 192.168.x.1 192.168.x.15
ip dhcp excluded-address 192.168.x.1 192.168.x.22
!
ip dhcp pool vlan_
network 192.168.x.0 255.255.255.0
default-router 192.168.0.x
dns-server 8.8.8.8
!
ip dhcp pool vlan_*****
network 192.168.x.0 255.255.255.0
default-router 192.168.0.x
dns-server 8.8.8.8
!
ip dhcp pool vlan_
network 192.168.x.0 255.255.255.0
default-router 192.168.0.x
dns-server 8.8.8.8
!
!
!
ip domain name
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
!
!
license udi pid C921-4P sn PSZ25521HCQ
!
!
username password 0
!
redundancy
!
!
!
!
!
!
interface GigabitEthernet0
description link to ODB
switchport trunk native vlan 199
switchport mode trunk
no ip address
!
interface GigabitEthernet1
description link to GZA
switchport trunk native vlan 199
switchport mode trunk
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
ip address dhcp
duplex auto
speed auto
!
interface GigabitEthernet5
no ip address
shutdown
duplex auto
speed auto
!
interface Vlan1
no ip address
!
interface Vlan2
no ip address
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip ssh version 2
!
!
!
!
control-plane
!
!
line con 0
line vty 0 4
login local
transport input ssh
transport output ssh
!
scheduler allocate 20000 1000
!
end
02-22-2022 11:01 AM
Hello,
the default router IP addresses configured in your DHCP pools need to be the same as the Vlan interface IP addresses:
Current configuration : 1826 bytes
!
! Last configuration change at 16:30:12 UTC Tue Feb 22 2022 by
!
version 15.8
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname RZA
!
boot-start-marker
boot-end-marker
!
enable password
!
no aaa new-model
!
ip dhcp excluded-address 192.168.x.1 192.168.x.15
ip dhcp excluded-address 192.168.x.1 192.168.x.15
ip dhcp excluded-address 192.168.x.1 192.168.x.22
!
ip dhcp pool vlan_
network 192.168.x.0 255.255.255.0
default-router 192.168.x.1
dns-server 8.8.8.8
!
ip dhcp pool vlan_*****
network 192.168.y.0 255.255.255.0
default-router 192.168.y.1
dns-server 8.8.8.8
!
ip dhcp pool vlan_
network 192.168.z.0 255.255.255.0
default-router 192.168.z.1
dns-server 8.8.8.8
!
ip domain name
ip cef
no ipv6 cef
multilink bundle-name authenticated
!
license udi pid C921-4P sn PSZ25521HCQ
!
username password 0
!
redundancy
!
interface GigabitEthernet0
description link to ODB
switchport trunk native vlan 199
switchport mode trunk
no ip address
!
interface GigabitEthernet1
description link to GZA
switchport trunk native vlan 199
switchport mode trunk
no ip address
!
interface GigabitEthernet2
no ip address
!
interface GigabitEthernet3
no ip address
!
interface GigabitEthernet4
ip address dhcp
duplex auto
speed auto
!
interface GigabitEthernet5
no ip address
shutdown
duplex auto
speed auto
!
interface Vlan1
ip address 192.168.x.1 255.255.255.0
!
interface Vlan2
ip address 192.168.y.1 255.255.255.0
!
interface Vlan2
ip address 192.168.z.1 255.255.255.0
1
ip forward-protocol nd
no ip http server
no ip http secure-server
!
ip ssh version 2
!
control-plane
!
line con 0
line vty 0 4
login local
transport input ssh
transport output ssh
!
scheduler allocate 20000 1000
!
end
02-22-2022 10:52 AM
GZA (switchSG250) running-config :
GZA#sh running-config
config-file-header
GZA
v2.5.5.47 / RTESLA2.5.5_930_364_286
CLI v1.0
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end
!
!
unit-type-control-start
unit-type unit 1 network gi uplink none
unit-type-control-end
!
vlan database
vlan x-x,199
exit
voice vlan oui-table add 0001e3 Siemens_AG_phone
voice vlan oui-table add 00036b Cisco_phone
voice vlan oui-table add 00096e Avaya
voice vlan oui-table add 000fe2 H3C_Aolynk
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone
voice vlan oui-table add 00e075 Polycom/Veritel_phone
voice vlan oui-table add 00e0bb 3Com_phone
bonjour interface range vlan 1
hostname GZA
username password encrypted privilege 15
ip ssh server
snmp-server server
ip telnet server
!
interface vlan x
name
!
interface vlan x
name
!
interface vlan x
name
!
interface vlan 199
name native
!
interface GigabitEthernet1
description link_to_RZA
spanning-tree link-type point-to-point
switchport mode trunk
switchport access vlan 199
switchport trunk native vlan 199
macro description switch
!next command is internal.
macro auto smartport dynamic_type switch
!
interface GigabitEthernet2
switchport access vlan
!
interface GigabitEthernet3
switchport access vlan
!
interface GigabitEthernet4
switchport access vlan
!
interface GigabitEthernet5
switchport access vlan
!
interface GigabitEthernet6
switchport access vlan
!
interface GigabitEthernet7
switchport access vlan
!
interface GigabitEthernet8
switchport access vlan
!
interface GigabitEthernet9
switchport access vlan
!
interface GigabitEthernet10
switchport access vlan
!
interface GigabitEthernet11
switchport access vlan
!
interface GigabitEthernet12
switchport access vlan
!
exit
02-22-2022 11:27 AM
It's all right
Very sincerely, I send you a huge thank you for your feedback as good as reactive and now I will continue the deployment.
If I can ask you if I have any questions, and above all thank you again a thousand times.
Benjamin
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: