I'm a beginner, but I'm slowly but surely learning new features in my Cisco SG-switch.
I want to use a centralized switch, in this I prefer to work with limitations for the rest of the network. Should I get any trouble with one of the other switches, I want to be able to replace these easily without making a lot of settings. That's the dream.
I got a SG300 as my central switch in my network and I have 8 stages. Each stage has its own "mainswitch", they should be able to communicate with each other on the same switch, but not to other stages. On my centralized switch I have a file server, WIFI and some internet which everyone needs to reach.
If I understood it all right, I can use the community VLAN and a PRIMARY VLAN to solve this.
I have created VLAN 11-18 as a community VLAN. 100 as Primary VLAN and 200 as Isolated/private VLAN.
Port 1-8 on my switch I setup COMMUNITY VLAN 11-18, on the rest I want PRIMARY VLAN. I have created these as TRUNK and PVID 11-18. They are untagged. Found a video about that, but I also saw someone that use other stuff then TRUNK.
Each port stop communicating with each other and if I put e.g. my port 11 as PVID 11 and UNTAGED, then it communicates with the things on port 1 from my centralized switch that have the same setting. That's how I want it to work to lock out the other stages from the separated stage network.
When I come to PRIMARY I have not managed to figure out if they should be ACCESS, GENERAL, TRUNK ... if they should be UNTAGED, TAGGED or EXCLUDE for the different VLANs. Should they be on PVID 100 which is my PRIMARY VLAN? Should I taged all the VLANS on PRIMARY VLAN-port?
Searched and read on internet, watched youtube clips and in most places I found, it is done as I described above ... but nothing how to handle the PRIMARY ports and how it could communicate to my COMMUNITY VLANS. I may have misunderstood it all and done the right thing, but that I hoped that from my PRIMARY ports will be able to access everything in PVID 11 to 18, but that they will not be able to communicate outside their community VLANS more then reach fileserver and WIFI.
If I have set up as I did, my questions are: "Can I access all my COMMUNITY VLANS from my PRIMARY VLAN or is it just that all my COMMUNITY VLANS access what is on the PRIMARY VLAN ports?" If it is possible to use PRIMARY VLAN: "How should I set port 19... TRUNK, ACCESS, GENERAL and what should it look like 1TP, 100T, 11T, 12T... so I can reach computer on PVID 11-18?"
port-type general, dynamically assigns a port access or trunk depending on the connected device define all ports connected to a normal pc as access, ports to other switches as trunk
tagged or untagged, defines if packed contain a vlan-tag, ports where pc's are connected should be untagged, on ports to other switches vlans should be tagged (you can tag all vlan's or untag a "default vlan") the untagged vlan (default vlan) on sending and receiving switch should match
NB! when using a Virtualisation host with multiple VM's in different vlans, its more complicated
Help us make the Cisco smart building solutions more useful for your industry.
Let us know how important these solutions are to your company by answering this short 4-question survey (your responses will remain completely anonymous).
Please take a minute...
Introduction to Routing ProtocolsStatic vs DynamicDistance Vector vs Link StateRoute Selection AlgorithmSingle Routing Protocol OnlyOpen Shortest Path First (OSPF)AreasRoute ConvergencePath SelectionMetric CalculationCharacteristicsEnhanced Interior Gatew...
Cisco DNA Center version 2.2.2.x includes the features and improvements that
New intelligence provides an easy, gradual, and complete adoption of SD-Access. Faster Cisco DNA Center set-up saves time and effort.
When using Cisco cellular modules with a SIM card an APN must be provided. The APN cannot be stored in the SIM card and is supplied by your SIM card provider. Cisco cellular software contains a database of well-known APNs based on the country and ...
Cisco 3850: IOS-XE/Firmware Upgrade
This procedure is aimed at Cisco 3850 switch ONLY.
IOS-XE Bundle Mode is not covered.
9300, 9500 (vanilla & high-performance), ISR 1k, ISR 4k and ASR is not covered.