Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2434
Views
0
Helpful
3
Replies

SG500x - InterVLAN

nvong
Level 1
Level 1

‎01-25-2013 08:38 AM

Hello,

We have netwotk 192.168.1.0 with the default gateway 192.168.1.1 (Juniper Netscreen Firewall). I bought the switch SG500x and want to use as backbone switch. It will be placed between the Juniper and other layer 2 switches.

I want to use this switch to handle the InterVLAN routing of VLAN/Subnet without touching the Juniper.

1) How can I configure the switch so that the clients from VLAN1 go to to the internet? I want to keep the client network configure without change.

     They have DHCP assign the IP 192.168.1.X 255.255.255.0 and the gateway is 192.168.1.1

2) Can i setup IP based dynamic IP with this switch?

Thank You

vlan database

vlan 2

exit

voice vlan oui-table add 0001e3 Siemens_AG_phone________

voice vlan oui-table add 00036b Cisco_phone_____________

voice vlan oui-table add 00096e Avaya___________________

voice vlan oui-table add 000fe2 H3C_Aolynk______________

voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone

voice vlan oui-table add 00d01e Pingtel_phone___________

voice vlan oui-table add 00e075 Polycom/Veritel_phone___

voice vlan oui-table add 00e0bb 3Com_phone______________

gvrp enable

bonjour interface range vlan 1

hostname SG500x

no snmp-server server

!

interface vlan 1

ip address 192.168.1.1 255.255.255.0

no ip address dhcp

!

interface vlan 2

ip address 192.168.2.1 255.255.255.0

!

interface gigabitethernet1/1/1

switchport trunk allowed vlan add 2

!

interface gigabitethernet1/1/8

switchport trunk allowed vlan add 2

!

router rip

redistribute static

exit

Labels:
0 Helpful
3 Replies 3

bhackbarth
Level 1
Level 1

‎01-27-2013 09:25 PM

So your Juniper is 192.168.1.1 and is the default gateway, and you want the switch to take over as the default gateway? Well, your Juniper and the switch can't both be on 192.168.1.1, or the routing table won't make any sense. You'll need to change the IP address of the Juniper, to say 192.168.1.2. We can use that as an example. You would then need to add a default route into the switch like this:

config t

switchxxxxxx(conf)#ip route 0.0.0.0 255.255.255.0 192.168.1.2 metric 1

The switch became the default gateway since you assiged 192.168.1.1 as the IP interface for VLAN1 in your example. And since the switch is the default gateway it can handles inter-VLAN  communication. And since we just added that default route above it forwards all addresses it doesn't know about (everything, except for your VLAN interfaces) out to  the Juniper, and hence the internet. Depending on your exact Juniper configuration, you may need to add a static route on it also.

0 Helpful

David Hornstein
Level 7
Level 7

‎01-27-2013 09:37 PM

Hi

Thank you for pasting the configuration , it was most enlightening.

The configuration is almost correct, you have made wee fundamental mistake byf having the juniper device and also  the SG500X with the same IP address..

Your intention was to allow the DHCP client to get, as you said to " the default gateway 192.168.1.1 (Juniper Netscreen Firewall)."

But your Command Line configuration of my switch shows the switch has that same address;

      

interface vlan 1

ip address 192.168.1.1 255.255.255.0

no ip address dhcp

This is the same address as the juniper product. aghhhh 

Why not make the VLAN 1  IP address of the SG500X  equal to , as a suggestion,  192.168.1.2 255.255.255.0 .

That should fix the problem you are experiencing.

But noticing that you have  VLAN 2 configured on the switch, do the following in the juniper device.

1.  add a static route that points to the 192.168.2.0 network with a gateway address of 192.168.1.2 (SG500X).

also add a default route or gateway in the SG500x, with the command ;

2.   ip default-gateway 192.168.1.1

That should resolve your issue.  The PC's a probably getting a address via DHCP, but since their default gateway is 192.168.1.1, the same  address as the switch, the PC's are not getting out to the juniper device.  :-)

regards Dave


0 Helpful

nvong
Level 1
Level 1
In response to David Hornstein

‎01-31-2013 09:22 AM

Hi,

First I do not want to touch the configuration on the Juniper

Secondly, I want to keep all the configuration of DHCP, Default Gateway as teh same and the switch is to do the interVLAN to allow communication between the new subnet to teh current subnet

so if the VLAN1 interface is 192.168.1.2 and the default gateway (Juniper) is 192.168.1.1

and the VLAN2 interface is 192.168.2.1

what so be the way to go?

Thanks,

0 Helpful
Customers Also Viewed These Support Documents