Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6182
Views
10
Helpful
6
Replies

1800 series router - Trunk port \ L2 Switch question

Go to solution
shaunhayward2000
Level 1
Level 1

‎02-25-2011 03:10 AM - edited ‎03-04-2019 11:34 AM

Hi People,

I'd just like to say right at the beginning,.. I'm a complete n00b at this so please forgive me if these are really easy, stupid questions!!

Currently I have a 4510-48g HP\3COM switch as a core switch for my 4 VLAN network (which I hope to send back cause it doesnt do what I wanted it to do... PBR, which is what I need to route specific VLAN's to specific interfaces on the sonicwall,.. cause sonicwall dont understand trunk or spanning tree,. meh!) This may not happen so I've dug out an old CISCO 1800 sdsl router that has 1 FE0 port and 8 other ports, FE 1-8

The first thing I need to do is get everything to talk to each other. So I plugged the switch into it via its configured trunk port, and configured 4 sub interfaces on the router 1800 and all seemed happy as larry and working.

The problem I have is I dont seem to be able to create sub interfaces on the other ports!?

EXAMPLE:


User Access Verification

Password:
Router>en
Password:
Router#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
Router(config)#int fa0.100
Router(config-subif)#exit
Router(config)#itn fa1.100
                ^
% Invalid input detected at '^' marker.

Router(config)#

Why is this? I'm struggling to understand why you cant create 4 VLAN's and assign the VLAN the ip instead of the sub interface and then assign the port as a trunk

I dont know if I'm making any sense,.. but bassically,.. on the HP, you create 4 vlans,.. go into each vlan interface and assign the ip you need. then either assign the relevent port interface to access or trunk. if its a trunk, tell it which vlans you want to give access to and you away,... doesnt seem as simple on the cisco,.. can my device do this?

Many thanks in advance,.. Network drawing attached

Shaun

running config:

Router#show run
Building configuration...

Current configuration : 2358 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$XdN.$MwSFWx3ahZIkRxcfmdrqX1
enable password sys1881
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
no ip address
duplex auto
speed auto
no cdp enable
!
interface FastEthernet0.1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0
no snmp trap link-status
no cdp enable
!
interface FastEthernet0.100
encapsulation dot1Q 100
ip address 172.16.32.252 255.255.224.0
no snmp trap link-status
no cdp enable
!
interface FastEthernet0.200
encapsulation dot1Q 200
ip address 172.16.64.252 255.255.224.0
no snmp trap link-status
no cdp enable
!
interface FastEthernet0.300
encapsulation dot1Q 300
ip address 172.16.96.252 255.255.224.0
no snmp trap link-status
no cdp enable
!
interface FastEthernet0.400
encapsulation dot1Q 400
ip address 172.16.128.252 255.255.224.0
no snmp trap link-status
no cdp enable
!
interface BRI0
no ip address
encapsulation hdlc
shutdown
no cdp enable
!
interface FastEthernet1
switchport access vlan 100
switchport trunk native vlan 100
vlan-id dot1q 100
  exit-vlan-config
!
mpls ip
no cdp enable
!
interface FastEthernet2
shutdown
no cdp enable
!
interface FastEthernet3
shutdown
no cdp enable
!
interface FastEthernet4
shutdown
no cdp enable
!
interface FastEthernet5
shutdown
no cdp enable
!
interface FastEthernet6
shutdown
no cdp enable
!
interface FastEthernet7
shutdown
no cdp enable
!
interface FastEthernet8
shutdown
no cdp enable
!
interface ATM0
no ip address
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
!
interface Vlan100
no ip address
vlan-id dot1q 100
  exit-vlan-config
!
!
ip classless
!
!
no ip http server
no ip http secure-server
!
access-list 100 permit ip 172.16.32.0 0.0.31.255 host 0.0.0.0
no cdp run
!
route-map WebTraffic permit 100
match ip address 100
set ip next-hop 172.16.32.254
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password sys1881
login
!
no process cpu extended
no process cpu autoprofile hog
end

Router#

Labels:
82216-Network Drawing-switch-flow-access2.vsd.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
IAN WHITMORE
Level 4
Level 4

‎02-25-2011 03:33 AM

The fe0 is a routed port. The others are "switch" ports. So you need to configure it like a switch. You need to create the vlan interaces:

int vlan 100

ip address x.x.x.x

int vlan 200

ip address x.x.x.x

etc.

The you need to go to fe1 for example and do:

#switchport mode trunk

#switchport trunk allowed vlan 100,200,x,x

Your router will probably complain if you use the same vlans as on the subinterfaces of fe0/0 cos of overlapping IP addresses. You will need to remove these first.

Then plug whatever into the f1. You can use your f0 for something else

HTH,

Ian

View solution in original post

0 Helpful
6 Replies 6

Go to solution
IAN WHITMORE
Level 4
Level 4

‎02-25-2011 03:33 AM

The fe0 is a routed port. The others are "switch" ports. So you need to configure it like a switch. You need to create the vlan interaces:

int vlan 100

ip address x.x.x.x

int vlan 200

ip address x.x.x.x

etc.

The you need to go to fe1 for example and do:

#switchport mode trunk

#switchport trunk allowed vlan 100,200,x,x

Your router will probably complain if you use the same vlans as on the subinterfaces of fe0/0 cos of overlapping IP addresses. You will need to remove these first.

Then plug whatever into the f1. You can use your f0 for something else

HTH,

Ian

0 Helpful

Go to solution
shaunhayward2000
Level 1
Level 1
In response to IAN WHITMORE

‎02-25-2011 04:31 AM

Thanks iwhitmore,

Ok, so I've configured the VLAN interfaces with IP's now,.. looks a lot better,.. switch and firewall can both now see ti with the correct VLAN tagging which is good,.. just gotta try work out the policy routing now!! :S ekkk

Can I ask though,.. what are the sub interfaces for then on FE0 ? if you cant give them the same subnet addresses as the VLAN's,.. are they there to be able to route WAN traffice or secondary networks into the current network

Please forgive my ignorance

Thanks

new running config:

Building configuration...

Current configuration : 2386 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$XdN.$MwSFWx3ahZIkRxcfmdrqX1
enable password sys1881
!
no aaa new-model
!
resource policy
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip subnet-zero
no ip routing
!
!
no ip cef
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
no cdp enable
!
interface FastEthernet0.1
encapsulation dot1Q 1 native
ip address 192.168.1.1 255.255.255.0
no ip route-cache
no snmp trap link-status
no cdp enable
!
interface FastEthernet0.100
encapsulation dot1Q 100
no ip route-cache
no snmp trap link-status
no cdp enable
!
interface FastEthernet0.200
encapsulation dot1Q 200
no ip route-cache
no snmp trap link-status
no cdp enable
!
interface FastEthernet0.300
encapsulation dot1Q 300
no ip route-cache
no snmp trap link-status
no cdp enable
!
interface FastEthernet0.400
encapsulation dot1Q 400
no ip route-cache
no snmp trap link-status
no cdp enable
!
interface BRI0
no ip address
encapsulation hdlc
no ip route-cache
shutdown
no cdp enable
!
interface FastEthernet1
switchport mode trunk
no cdp enable
!
interface FastEthernet2
switchport mode trunk
no cdp enable
!
interface FastEthernet3
shutdown
no cdp enable
!
interface FastEthernet4
shutdown
no cdp enable
!
interface FastEthernet5
shutdown
no cdp enable
!
interface FastEthernet6
shutdown
no cdp enable
!
interface FastEthernet7
shutdown
no cdp enable
!
interface FastEthernet8
shutdown
no cdp enable
!
interface ATM0
no ip address
no ip route-cache
shutdown
no atm ilmi-keepalive
dsl operating-mode auto
!
interface Vlan1
ip address 192.168.1.1 255.255.255.0
no ip route-cache
vlan-id dot1q 1
  exit-vlan-config
!
!
interface Vlan100
ip address 172.16.32.252 255.255.224.0
!
interface Vlan200
ip address 172.16.64.252 255.255.224.0
!
interface Vlan300
ip address 172.16.96.252 255.255.224.0
!
interface Vlan400
ip address 172.16.128.252 255.255.224.0
!
ip classless
!
!
no ip http server
no ip http secure-server
!
no cdp run
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
password sys1881
login
!
no scheduler allocate
no process cpu extended
no process cpu autoprofile hog
end

0 Helpful

Go to solution
cadet alain
VIP Alumni
VIP Alumni
In response to shaunhayward2000

‎02-25-2011 04:50 AM

Hi,

subinterfaces on a fastethernet routed port are mainly used to do inter vlan routing (router on a stick method) when you have not a L3 switch.

Regards.

Alain.

Don't forget to rate helpful posts.

Go to solution
IAN WHITMORE
Level 4
Level 4
In response to cadet alain

‎02-25-2011 04:52 AM

Please rate the helpful posts.

Regards,

Ian

Go to solution
shaunhayward2000
Level 1
Level 1
In response to IAN WHITMORE

‎02-25-2011 04:54 AM

I'm trying 

Doesnt seem to do much though?

0 Helpful

Go to solution
IAN WHITMORE
Level 4
Level 4
In response to shaunhayward2000

‎02-25-2011 09:49 AM

Lol. It does plenty, thanks.

Ian

0 Helpful
Customers Also Viewed These Support Documents