
Setting up VLAN across SRW2048 & SG300-20

heathfieldsch
Level 1

Hi all,

I have a Linksys SRW2048 which has workstations connected to it. This switch is connected to a CSB SG300-20 via fibre which has the servers connected to it.

The problem I have is that where the internet comes into the building is near the Linksys SRW2048 and I need to get it to the SG300-20 without allowing access from the workstation so it can go through our content filter and then allow all workstations access to it.

I have 2 fibre connections from the SRW2048 to the SG300-20; one is in use and links the servers to the rest of the network, the other is not in use.

I'm guessing that on the SRW2048 switch I need to put two ports on, say, VLAN 10: one for the internet connection from the ADSL modem and one for the miniGBIC to use the spare fibre. Then on the SG300-20 I will again need two ports on VLAN 10, for the incoming feed on the miniGBIC and for the port to connect the content filter with unfiltered internet.

The content filter will then be connected after it has been filtered to a port on the default VLAN for the rest of the workstations to access.

In theory is the above correct? If so could someone please go through what I need to do on both switches to allow them to talk on the same VLAN.

Many Thanks

Matt


David Hornstein
Level 7

Hi Matt,

My initial concern is that you mention you have an "internet connection from ADSL modem".

On my home network, my Motorola cable router learns one MAC address via its ethernet port.

The Motorola cable modem then remembers that MAC address till I perform a power-on reset.

The cable modem then only allows that one device (learnt MAC address), in my case a UC540 or UC320W, to get access to the Internet.

I have to power-on reset my modem to allow a different WAN router to gain access to the Internet, as the modem then learns a new MAC address from my home network.

Is this a hurdle that you have to overcome as well?

If you plug a switch onto the ADSL modem, will the modem learn the switch's MAC address and restrict access from other IP hosts?

If this is the case, your router/content filter device would have to plug directly onto the ADSL modem.

Assuming you are not limited by this service provider's configured limitation on the ADSL modem, what about the following:

Suggested topology

1. You have two fiber connections between the switches, why not use link aggregation (LAG) on the fiber runs between the two switches?

(Better save the configurations of the switches before you modify them, in case you have to back out. Creating the LAG will probably kill connectivity between the switches, depending on how you create the LAG.)

  • On both switches, create a LAG group and add the two fiber ports to the LAG group.
  • Add existing VLANs back to the LAG group.

LAG will provide a certain level of load sharing between fiber ports, but also, more importantly, link failover or redundancy.

2. I personally see no reason why you couldn't create VLAN 10 on both switches to 'tunnel' at Layer 2 the ADSL modem to the content filter device.

This is assuming you are not hampered by the limitation I noted above.

  • SRW2048 - a port can be untagged in VLAN 10 - connected to the ADSL modem.
  • SRW2048 - add tagged VLAN 10 to the LAG group.
  • SG300 - a port can be untagged in VLAN 10 - connected to the content filter.
  • SG300 - add tagged VLAN 10 to the LAG group.

Even if, through ADSL modem limitations, you can't create a VLAN for content filter connectivity, why not still create a LAG between the switches to improve network performance and fiber link redundancy?

regards Dave

Many Thanks for your reply Dave,

I'm hoping the ADSL modem won't be an issue, as they work slightly differently to cable modems. It's an ADSL modem/router with a built-in 4-port switch (a basic bit of home kit); the internet is provided to all 4 of the ports on the modem and you can plug anything in at any point and the internet will work.

Before having the content filter, they used to have a feed from the ADSL modem directly into the SRW2048 and this provided internet no problem.

I do like the suggestion of aggregating the two fibre connections to increase performance/redundancy and will try your recommendations next week.

So I basically:

Create a LAG group on both switches

Put the required ports in VLAN 10 untagged on both switches

Add VLAN 10 to the LAG group on both switches

And that's it? No further setup to tell the switches about? I wish I could remember more of the CCNA I did 10 years ago.

Best Regards

Matt

Hi Matt,

I just did this on my SRW208MP and my SRW208P-K9-NA.

Save your configurations before you make these changes, so you can back out if you have any problems.

If I recall, I did the following, but the VLANs were already tagged on the fiber ports.

Step 1. I removed the tagged VLANs from my fiber ports and just left the uplink ports untagged in the default VLAN.

Step 2. Added my fiber uplink ports to LAG group 1 on both switches.

Step 3. Now I selected each VLAN and tagged them individually on LAG group 1.

Step 4. Yeah, and as you said, added the hypothetical ADSL modem to a switch port as untagged in VLAN 10.

Seems easy, good luck.

regards Dave

Hi Dave,

I have done the following

1) Added both fibre connections to LAG1 on both switches and it seems to be working fine.

2) Set a port on each switch as untagged on VLAN 10.

However, I can't seem to set VLAN 10 as tagged on LAG1. I think I can set it as untagged but not tagged; the options are greyed out. Any ideas if I've missed a step?

Also, should I enable LACP on LAG1?

Many Thanks for your help

Matt

Sorted it... I needed to change LAG1 on the SRW2048 from Access to Trunk; it then gave me the option to add VLAN 10 as tagged.

Many Thanks for your help Dave.

Matt
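
The check below is an added example, not part of any post in this thread and not Cisco tooling: it audits a constructed SG300-style configuration excerpt for the two conditions the thread depends on, that only the intended port is an untagged member of VLAN 10 (so workstations cannot reach the unfiltered feed) and that the LAG is in trunk mode with VLAN 10 tagged. The port numbers, the sample configuration text and the function names are assumptions.

```python
# Constructed SG300-style config excerpt; port numbers are assumptions.
SAMPLE_CONFIG = """\
interface gigabitethernet1
 switchport mode access
 switchport access vlan 10
!
interface gigabitethernet2
 switchport mode access
!
interface gigabitethernet19
 channel-group 1 mode on
!
interface Port-channel1
 switchport mode trunk
 switchport trunk allowed vlan add 10
!
"""


def parse_interfaces(config):
    """Map each interface name to the list of its indented sub-commands."""
    ifaces, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            current = line.split(None, 1)[1].strip()
            ifaces[current] = []
        elif current and line.startswith(" "):
            ifaces[current].append(line.strip())
        else:
            current = None  # "!" or any top-level command ends the stanza
    return ifaces


def audit_vlan(config, vlan, allowed_access, trunk):
    """Return findings for stray untagged members and a trunk that cannot carry the VLAN."""
    ifaces, findings = parse_interfaces(config), []
    for name, cmds in ifaces.items():
        if f"switchport access vlan {vlan}" in cmds and name not in allowed_access:
            findings.append(f"{name}: unexpected untagged member of VLAN {vlan}")
    cmds = ifaces.get(trunk, [])
    prefix = "switchport trunk allowed vlan add "
    # Only comma-separated VLAN lists are matched; ranges such as 10-20 are not expanded.
    if "switchport mode trunk" not in cmds:
        findings.append(f"{trunk}: not in trunk mode, cannot carry VLAN {vlan} tagged")
    elif not any(c.startswith(prefix) and str(vlan) in c[len(prefix):].split(",")
                 for c in cmds):
        findings.append(f"{trunk}: VLAN {vlan} is not tagged on the trunk")
    return findings


if __name__ == "__main__":
    print(audit_vlan(SAMPLE_CONFIG, 10, {"gigabitethernet1"}, "Port-channel1"))
```

Run against a configuration where the LAG is still in access mode, it reports the condition that left the tagged option greyed out in the thread.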