07-03-2013 03:03 PM
Dear All,
thank you in advance for taking the time to read this.
A bit of background:
I am installing a project for a sporting even which unfortunately is on a fairly tight budget with a potentially significant amount of users in the network (~200 without public WIFI). I need to seperate 5 usergroups and give them all internet access without letting them see each other. Also the 5 Usergroups share the same bandwidth to the internet and the VLANs must be bandwidth controlled.
For that purpose I had planned to utilize Cisco devices built in features and purchased a Cisco 1921 router as well as a SG500 switch.
I configured the router for 8 subinterfaces on it's internal NIC with 8 VLANs. I also configured 8 DHCP Pools on the 1921 and configured NAT and firewalling.
What I want to do now is to have the SG500 to recognize the VLAN ID's I configured on the router (and also on the switch using the same VLAN ID Numbers), then assign ports to the VLANs on the switch and depending on where I plug in on the switch, the device receives different DHCP IP Adresses.
However, I can't get that to work.The Router works just fine, the switch if left 'untouched' gives me an IP adress from DHCP of the highest VLAN network IP address (I.e. 168.8.0) . but I can't configure the ports on the switch properly so this works. What also confused me is that the dhcp pools I configured on the command line on the router do not show up in CP professional in the pool mask.
Can anybody please kindly review the router configuration and shed some advice as to how I need to configure the Ports on the SG500? I must say that I might have had too many nights and I seem to confuse tagging, untagging, excluding and forbidding ;.)
I have the router configuration for you here:
Thank you again and good night!
W.
Solved! Go to Solution.
07-04-2013 07:32 AM
Hi Wolfgang, for the sx500 configuration can be something like this
config t
vlan database
vlan 2-8
int gi1/1/1
switchport mode general
switchport trunk allowed vlan add 2-8 tagged
switchport general ingress-filtering disable
For any port client connecting should be untagged access port
So if you want a client access port then you should make something like 5 untagged to that port
config t
int gi1/1/2
switchport mode access
switchport access vlan 5
-Tom
Please mark answered for helpful posts
07-04-2013 07:32 AM
Hi Wolfgang, for the sx500 configuration can be something like this
config t
vlan database
vlan 2-8
int gi1/1/1
switchport mode general
switchport trunk allowed vlan add 2-8 tagged
switchport general ingress-filtering disable
For any port client connecting should be untagged access port
So if you want a client access port then you should make something like 5 untagged to that port
config t
int gi1/1/2
switchport mode access
switchport access vlan 5
-Tom
Please mark answered for helpful posts
07-04-2013 02:01 PM
DearTom,
Thank you, your examples helped me along in setting this up.
I had not configured the input port as general and also only now got the port joins to e VLANS right.
Works nicely for now!
W.
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide