Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
891
Views
0
Helpful
1
Replies

SG300 Community VLAN

wladyslaw1951
Level 1
Level 1

‎04-07-2015 12:43 AM

Hi, I'm newbie with Cisco.

I have SG300-28PP running on 1.4.0.88 firmware (boot: 1.3.5.06) in L2 Mode. In my LAN I have one file server, few PCs, few IP cams and one NVR.

My goals are:

a. block communication between IP cameras and clients PC's

b. allow communication between file server and clients

c. allow communication between NVR and IP cameras

d. serve DHCP for primary and community VLANs

e. allow access to the SG300 management interface form PC vlan (ID:20) or from Primary VLAN (ID: 200)

f. allow PCs to access the Internet

 

I'm going to:

1. put file server + NVR (it's actually the same box) and gateway to Primary VLAN (ID:200)

2. clients PCs to Community VLAN (ID: 20)

3. IP cameras to Community VLAN (ID: 2)

4. run DHCP server on SG300

 

Is this the right way to achieve my goals? Is it possible at all? I would prefer to not change switch mode.

And how to serve DHCP services for all VLANs? Should I change default VLAN to 200?

 

Labels:
0 Helpful
1 Reply 1

wladyslaw1951
Level 1
Level 1

‎04-07-2015 07:27 AM

OK.

Everything works fine.

Here is what I did, maybe in the future someone will use it (all tasks using web gui):

1. Enable DHCP server (IP Configuration -> IPV4 Management and Interfaces -> DHCP Server -> Properties)

2. Create a network pool (IP Configuration -> IPV4 Management and Interfaces -> DHCP Server -> Network Pools)

3. Create three VLANs: 2, 20 and 200 (VLAN Management -> VLAN Settings)

4. Change interfaces mode:

- Interfaces where servers and gateway are connected Mode: Private VLAN - Promiscuos, Primary VLAN: 200, Secondary VLANs: 2,20

- Interfaces where PCs are connected Mode: Private VLAN - Host, Primary VLAN: 200, Secondary VLAN - Host: 20

- Interfaces where IP Cams are connected Mode: Private VLAN - Host, Primary VLAN: 200, Secondary VLAN - Host: 2

5. Change management VLAN (to serve DHCP servers in all VLANs) to 200 (Administration -> Management Interface -> IPv4 Interface). In my firmware I was able to do it only when at least one port with VLAN was active.

 

Remember to always stay connected to proper interface during this process. When you change management VLAN you will be cut of from your switch. So keep in mind to prepare interface with VLAN 200 and reconnect the cable to it after change management VLAN.

 

0 Helpful
Customers Also Viewed These Support Documents