cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

CISCO SWITCHES FOR SMALL and MEDIUM BUSINESS

Introducing the next generation of Cisco Small and Medium Business Switches. Cisco is refreshing its SMB Switch portfolio. Click here  to learn more.


593
Views
0
Helpful
4
Replies
StewJo
Beginner

Need advice on SG300 config

I have a network with 3x SG300-52p switches and 3x SG300-28PP switches.  All are set as L3 even though I only wound up using them as L2.  I have a VPN set up in my firewall and I'm able to connect in.  From my VPN connection I'm able to connect to the 3x SG300-28PP switches but not to my 3x SG300-52p switches. On the SG300-28PP switches I go to:

-Administration

---Management Interface

-----IPv4 Interface

and I have:

-Management VLAN:  10

-IP Address:  172.16.x.x

-Network Mask:  (The mask)

-Administrative Default Gateway:  User Defined:  172.16.x.x

Adding in that Default Gateway allows me to connect across the subnets / VLANs.

 

I'm fairly certain this is a Gateway issue on the SG300-52p switches.  Under:

-IP Configuration

---IPv4 Management and Interface

-----IPv4 Interface

I have:

-Interface:  VLAN10 (the data VLAN and also the VLAN that the switches reside on for us to log in and maintain)

-IP Address Type:  Static

-IP Address:  (The 172.16.x.x IP of the switch)

-Mask:  (The Subnet mask)

-Status:  Valid

There is no place for the "Administrative Default Gateway".  The only place I can see that may be for that is IPv4 Routes.  What do I need to set to enable the packets to route of the subnet.  I'm concerned that if I set an IPv4 Route that I'll mess something up.  Thanks for any advice!

4 REPLIES 4
Sujoy Paria
Cisco Employee

Hi,

Please cross verify the ‘System Mode’ settings on the Switches, it seems SG300-28PP Switches are operating in ‘L2 mode’ and due to that you are getting the option to assign the default gateway as there is only one management IP interface. The SG300-52P switches are operating in L3 mode, due to that you are not getting that option. In ‘L3 mode’ you can create multiple IP interfaces on the Switch for different VLANs to access the Switch.

I’m not aware about your complete Network topology & other configurations on the devices so it will be difficult to comment whether adding the IPv4 route on the Switch will mess-up the other services operating on the Network or not. In case you are not willing to add the IPv4 route on the Switch (in L3 Mode) then you need to change those switch ‘System mode’ to L2, accordingly you will get the option to assign the ‘Administrative Default Gateway’.

Note: Change the ‘System Mode’ on the Switch will reset the Switch to default settings, so all the existing configuration on the Switch will get erased. So it is recommended to keep a configuration back-up of the Switch before changing the ‘System Mode’. Also it will be better if you know the configuration changes made on the Switch.

Thanks for the response.  It does appear the SG300-28PP units are set for L2.  That would explain why the options are different.  There are currently 2 VLANs on the switches.  VLAN10 is for data and also used to manage the network equipment on 172.16.x.x network and VLAN2 is for voice on the 172.17.x.x network. 

The setup:

(SG300-52p#4) - (SG300-28pp#7) - (SG300-28pp#8)

   |

(SG300-52p#6) - (Gateway / Firewall / Router) - Internet

   |

(SG300-52p#5) - (SG300-228pp#9)

Each switch has VLAN2 voice and VLAN10 data traffic and currently it all works except I can't get into the 3 SG300-52p switches from other subnets.  I'm concerned because in L3 mode I'm setting a route and not a gateway for the switch itself.  If I set the route as 0.0.0.0/0.0.0.0 to go to the Gateway the packets should go out but wouldn't it then route all packets to the router regardless of the destination?  If a PC on #4 needs to go to a PC on #6 then wouldn't it force all the packets to go to the gateway and then back to #6 if I set that as the route causing a lot of extra congestion?

Hi,

Thank you for your reply. The default route is the destination that a packet is sent to if the router doesn’t have instructions to send it somewhere else.

 

For your scenario you may configure ‘SG300-52p#6’ switch In L3 mode so that it will take care about the Inter-VLAN routing part to provide the communications between two VLANs. You need to create the IP interfaces for each VLAN on that L3 Switch. Remaining switches you can configure in L2 Mode and assign the IPs from your data/management VLAN.

 

Now, you can add a default route on the ‘SG300-52p#6’ switch towards your Gateway/Router/Firewall which will take care about the remaining traffic. That will reduce the extra congestion you are talking about.

 

Note: You may need to add the necessary reverse route on the Gateway/ Router/ Firewall to cater the Internet connectivity to the different VLANs on the Switch.

It is recommended to keep a well-known working configuration back-up for each devices before making any configuration changes on that.

You may also open a service request with us following the below mentioned link in case you need any configuration assistance from our side on our devices…

https://www.cisco.com/c/en/us/support/web/tsd-cisco-small-business-support-center-contacts.html

You need to remember default gateway is layer 2 and default route is layer 3.