Solved: SF302-08P Switch VLAN Problem

dractech1 · ‎10-09-2012

Hello

I have a problem configuring a SF 302-08P switch for VLAN. Here is my setup. I have two switches that are configured almost the same. The first switch is a SF200-24P with 12 ports on VLAN1 and twelve ports on VLAN2. The G1 port is the incoming trunk with 1UP, 2T and the G2 port set to 1UP, 2T connecting to the G1 port on the SF302-8 switch. Both Vlans work OK on the SF200-24 switch. The port on the SF200-24 is set to trunk 1UP,2T and the G1 port on the SF302-8 is set to trunk 1UP,2T. The VLAN port membership on the SF302-8 is set to VLAN 1 port 1-4 is 1UP and VLAN 2 port 5-8 is set to 2UP. Ports 1-4 work OK but the 5-8 will not connect to vlan 2. I have downloaded the latest firmware for the SF302 but it did not make any difference. Any suggestions on what I am missing?

Tom Watts · ‎10-09-2012

Dan, send me an email with a number i can reach you. I am available at 4pm eastern.

Update to this topic, we have discovered a layer 1 issue, the upstream switch had a misplaced wire, leading to the port misconfigured.

Message was edited by: Thomas Watts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

View solution in original post

Tom Watts · ‎10-09-2012

Hi Dan, here is a summary, correct me if I'm wrong?

Switch #1 -

Ports 1-12 are vlan 1
Ports 14-24 are vlan 2
The link connecting the switch is 1u,2t

Switch #2

Ports 1-4 ire vlan 1
Ports 5-8 are vlan 2
The link connecting the switch is 1u,2t

Computers connecting in vlan 1 will only talk to vlan 1.

Computers connecting in vlan 2 will only talk to vlan 2.

A router must be introduced to make vlan 1 and vlan 2 talk together (or configure the switches in layer 3 mode)

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

dractech1 · ‎10-09-2012

Thomas

You are correct and there is a router connected to the first switch. Here is what I am trying to do. On the first switch vlan 1 is the data network and vlan 2 is a wirelss network with access points. In the router I do not allow traffic from vlan 2 to vlan 1 but I do allow traffic from vlan 1 to vlan 2 so I can control and configure the access points from vlan 1. So say vlan 1 is 192.168.1.x and vlan 2 is 192.168.2.x. On the first switch from vlan 1, I can ping and access all the access points connected on vlan 2. I can ping and access all the computers connected on switch two on vlan 1 but nothing on vlan 2. All I am doing is just adding a second floor with a smaller switch.

Thanks

Tom Watts · ‎10-09-2012

Dan, this is expected behavior, the router has to route the traffic between vlan, either through 802.1q encapsulation or sub interfaces. If neither are possible on the router, the switch directly connecting to the router must be layer 3 then you will have at minimum inter-vlan communication. However, the vlan 2 won't have internet connectivity without a static route on the router.

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

dractech1 · ‎10-09-2012

Tom

Ok maybe I can explain this a little different. I inherited this project that two parts were built prior to me. The router is a Sonicwall that has too LAN connections with 192.168.1.x on one LAN and 192.168.2.x on the second LAN. That router is connected to a Cisco SF20024P switch on the first floor of a building. The first floor is connected to a second floor switch which is a SF20024P with the same configuration. Both first floor and second floor works great. There is a third floor which is a much small area that only needed an eight port switch. This is where I came in and installed the third switch which is the SF302-8P. The first floor switch passes traffic up to the second floor switch using a trunk with vlan 1 untagged and vlan 2 tagged. The second floor switch takes in traffic fine and works great. Why should the second switch not pass the vlan 2 traffic to the third switch? It should pass it up to the third switch using the same tagging method. As I said the traffic on vlan 1 works on the third switch, just vlan 2 will not.

Thanks

Tom Watts · ‎10-09-2012

Please confirm or clarify this diagram

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

dractech1 · ‎10-09-2012

Tom

That looks correct.

Dan

Tom Watts · ‎10-09-2012

Dan, send me an email with a number i can reach you. I am available at 4pm eastern.

Update to this topic, we have discovered a layer 1 issue, the upstream switch had a misplaced wire, leading to the port misconfigured.

Message was edited by: Thomas Watts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

dractech1 · ‎10-12-2012

Tom

I went backed and checked the wiring. I was 50% correct as the wiring was connected correctly according to the labeling, BUT the labeling was switched. So wish I had remembered the CDP neighbor command earlier. That was a great help and you were 110% on with finding that. Sure helps to have someone else look at a problem. Outstanding support from you...thanks again.

Dan