cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1307
Views
0
Helpful
17
Replies

How to make a commoun VLAN ??

reagentom
Level 1
Level 1

Dear All;

I have Cisco Catalyst Switch 4006 with Supervisor II OS with 4232-L3 routing module, witch is configured for 5 VLANS, each VLAN cann't communicate with others.

I want to make VLAN 5 as a common VLAN so it can communicate with all others VLANS.

Attached is a copy of my show running-config on the routing blade

Please Help

Thanks

17 Replies 17

ToddWarren
Level 1
Level 1

I assume your gigabit interface are trunks to other switches??

Create 5 VLAN interfaces. i.e. Interface VLAN1 thru VLAN5. Move your 'ip address' and 'ip helper' commands under their respective VLAN interface. Don't forget to enable the vlan interfaces by issuing the 'no shutdown' command under each interface.

Your InterVlan routing should function provided you are using the proper IOS feature set.

HTH

hi,

Thanks sir for you comment, I don't have other switches I have only one Cisco Catalyst Switch 4006 with Supervisor II OS with 4232-L3 routing module.

Sorry I don't understand what do u mean by "Create 5 VLAN interfaces. i.e. Interface VLAN1 thru VLAN5. Move your 'ip address' and 'ip helper' commands under their respective VLAN interface"

the exact setuation is I have 5 Vlan with 1 DHCP server in VLAN3, all Vlans Picking IP address from this DHCP, all VLANS is not comunicated together, what I would like to do is make VLAN5 is able to access and communicate with all other VLANs but keep other VLANs (2,3,4) not communicated as it is..

Thank you in advance and please try to help me ASAP cuz it's very urgent for me

Thanks

you can create virtual interface for VLAN 5 and put the access list to block the routing for other`s VLAN.thankx

door

hi door,

please give me more details

UP

Please, anybody try to help URGENT

Can you post your current configuration so we can help.

Daniel

In your current configuration, the vlan doesn't exist.

You have to create 5 vlan first.

Best regards.

handoko.wiyanto
Level 1
Level 1

Hi,

it's a little bit different to configure inter vlan routing in 4000 series. First, check this link

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat4000/inst_nts/78_10164.htm#24106

http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a008009478e.shtml

1.Console your SUP, create vlan 1-5.

2.There are 2 virtual gigabit link, between SUP and the routing module (4233), you can configure them as ether channel. Then,

configure this link as trunk. In 4006, they don't support isl, so you must use dot1q.

3.COnsole your routing module, after configure the gigabit link as ether channel, then don't forget to configure this link as

trunk.

4.configure sub interface on gigabit link,

ex:

interface g1/1.1 switch port trunk encapsulation dot1q --> vor vlan 1

interface g1/1.1 switch port trunk encapsulation dot1q --> vor vlan 2

.

.

interface g1/1.1 switch port trunk encapsulation dot1q --> vor vlan 5

at this point, vlan 1-5 can communicate each other well. That's all to make intervlan routing in 4000 series. But our goal

is...

to make only vlan 5 is accessible for the others, that's why we must congigure accesst-list. for example, the ip address are

for vlan 1 192.168.1.x

for vlan 2 192.168.2.x

for vlan 3 192.168.3.x

for vlan 4 192.168.4.x

for vlan 5 192.168.5.x

and then we can create accesst-list, in this case i refer to use extended accesst-list,

ip access-list 101 permit ip 192.168.1.0 0.0.0.255 192.168.5.0 0.0.0.255

then apply to sub-interface for vlan 1

interface g1/1.1

ip access-group 101

well, i think that's all, now you can make access-list for the rest.

i hope this can help,

regards,

Dear friend

Thanks for your help, right now I have some confusion after submiting my case in the forum I got so many replies and right now I don't know if the inter-vlan routing is working on my switch or not !!!my current setiuation is:

1- I have 5 Vlans 1 – 5 with IPs

- (VLAN 2) 172.16.2.10 – 172.16.2.254

- (VLAN 3) 172.16.3.10 – 172.16.3.254

- (VLAN 4) 172.16.4.10 – 172.16.4.254

All PC’s connected to these Vlans has a Deferent Gateway witch is ISA server witch is PC inside the same VLAN For Ex. VLAN3 PCs has gateway (172.16.3.8) and it’s picking up this gateway config automatically from DHCP server

I have One DHCP Server witch is a part of VLAN3 with IP (172.16.3.6) and it’s gateway VLAN3 IP (172.16.1.5) IP for routing blade in Vlan3

Right now any PC is connected to VLAN 2 or 3 or 4 with gateways witch picking it from DHCP server (172.16.3.8 for VLAN3 and 172.16.2.10 for VLAN 2 and 172.16.4.10 for VLAN4) those PCs are NOT ABLE TO COMMUNICATE WITH OTHER PCs IN OTHER Vlans

Meaning VLAN2 PC not able to communicate with VLAN3 PC

And Also VLAN 2 and 4 PC’s not able to communicate with DHCP Server (only picking up an IP but there is no ability to communicate and ping command showing host is not reachable

But all PCs in any Vlan with gateway as IP of subinterface for routing blade for the same VLAN are able to communicate together

I don’t have any ACL running on my router

Hope that can give u some details about my network

Right now I would like to make VLAN 5 witch is like a common VLAN I want to connect around 3 or 4 PCs only to this VLAN and these 4-5 PC’s are able to communicate with all other PCs on my network in any VLAN

I have create this vlan

set vlan 5 3/35

Router# config term

Interface gigaethernet 3.5

IP address 172.16.5.1

Encapsulation dot1Q 5

IP-helper address 172.16.3.6

Now PC on port 3/35 able to picking IP from DHCP server but not able to communicate with others Vlans

The WS-X4232-L3 module is connected to slot 2 so I have set a trunk for this slot like this

set trunk 2/1 noneg dot1q 1-1005

but still there is no communication between Vlans

Please try to give me a clear steps so I can follow it to oslve this Problem

Thank you very much and waiting for reply ASAP

Ahmed

Hi Ahmed,

do you have a diagram of your network? if you don't mind, pleas attach the diagram.

and please attach also:

1.sh version from SUP and Routing module

2.sh run from SUP and Routing module

thankz...

Hi Handoko,

attached is basic diagram for my network and the technical support configuration for routing blade and show config for SUP

just take a look at this files and if u need more details please let me know

Thanks

Hi Handoko,

di u got my files ? please try to reply I need this help urgent

Thanks

sorrie, just came back from long holliday...

according to your file, vlan 5 is still down,

GigabitEthernet3.5 is up, line protocol is down

Hardware is xpif_port, address is 000a.425b.1409 (bia 000a.425b.1409)

Internet address is 172.16.5.1/24

MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec, rely 255/255, load 1/255

Encapsulation 802.1Q Virtual LAN, Vlan ID 5.

ARP type: ARPA, ARP Timeout 04:00:00

this is happen because no host/port on vlan 5 is up.

try to make vlan 5 on switching module, and then make one or two port as vlan 5.

then, please update the file that you uploaded here.

thankz.

hi hondoko

The port is already configured for Vlan 5 and I have a laptop connected to this port for checking

Regards

Review Cisco Networking for a $25 gift card