11-13-2015 01:58 PM - edited 03-08-2019 02:42 AM
I am still working on the switching and routing at a small school. I have the 1841 hanging off port 48 on my 3750 switch and it connects to the router in port 1.
I am trying to get this 1841 to host several ubiquity access points and provide basic dhcp services. The 3750 is doing well with its setup I believe.
I have included the three configs i have.
Thanks in advance for your time
pat
Solved! Go to Solution.
11-16-2015 01:07 PM
sorry - i had it but never moved anyone to is yet so i pulled it while i was cleaning up and adding the vlan's
11-16-2015 01:28 PM
Right.
So the next thing is to tidy up the existing 3750 configuration.
First remove these routes so -
"no ip default-gateway 192.168.1.1"
"no ip route 172.23.1.0 255.255.255.0 192.168.1.5"
"no ip route 172.24.53.0 255.255.255.0 192.168.1.1"
because you only need the default route.
Then on your 1900 can you make these changes -
int gi0/1
no ip access-group 101 in
"no ip route 10.53.198.0 255.255.255.0 192.168.1.3"
"no ip route 172.23.1.0 255.255.255.0 192.168.1.5"
"ip route 172.23.1.0 255.255.255.0 192.168.1.2"
After you have done this can you make sure you can still get to the internet from existing subnets ie. not the AP one yet.
Your NAT configuration also needs updating but I don't want to change everything at once.
One other question.
If we needed to could you reboot the 1900 ?
Jon
11-16-2015 01:38 PM
all those in - i can reboot the 1900 if needed - i did get an ip
11-16-2015 01:48 PM
Okay, so almost there.
You are currently use vlan 2 to connect the existing 3750 to the 1900 but I would usually do a L3 connection.
However it will still work as is so up to you really but it may mean temporarily do a shut and no shut on the gi0/1 interface on the 1900.
So outstanding things -
1) don't know whether you have done this but on the new 3750 you need to allocate the AP ports into vlan 56 ie.
int gi<x/y>
switchport mode access
switchport access vlan 56
spanning-tree portfast
2) the acl 101 on the 1900 needs changing so -
no access-list 101
access-list 101 permit ip 172.23.1.0 0.0.0.255 any
access-list 101 permit ip 172.24.53.0 0.0.0.255 any
you need to add any other lines to the above acl for any other subnets you have internally although I am not sure there are any ?
You do not need a line for 192.168.1.0/24.
Once you have redone the acl can you do a "sh run" and make sure this line is still there -
"ip nat inside source list 101 interface gi0/0 overload"
The only thing left to do after this is to create a management vlan for your switches so you can remotely log into the new 3750.
Which vlan we use depends on whether we make the connection between the existing 3750 and the 1900 a L3 port or leave it as it and that is really up to you.
Jon
11-16-2015 02:08 PM
ok - made the acl changes - still nothing from the new switch - lets go with the l3 if you have time
11-16-2015 02:12 PM
I have the time if you do but what do you mean nothing from the new switch ?
If you are trying ping or anything from the switch itself it won't work as the switch does not have an IP yet.
How are you testing ?
Jon
11-16-2015 02:15 PM
you are right - forgot - was thinking the vlan handled it - using my laptop on a port on vlan 56
11-16-2015 02:18 PM
Okay if you are using a laptop in vlan 56 you should be working.
If not then -
1) can you ping the vlan 56 IP address on the existing 3750 ?
If not on that switch do a "sh ip int brief | inc Vlan" and see if it is up/up which it should be.
2) if you can ping that IP then from your laptop can you ping 192.168.1.5 ?
Jon
11-16-2015 02:29 PM
from the old (existing) and new switch my sh ip int brief | inc Vlan returns nothing
no 192.168.1.5 anywhere
11-16-2015 02:31 PM
Sorry I meant 192.168.1.1.
On the existing 3750 just do a "sh ip int br" and scroll down to the vlan entries.
You should see entries for the vlan interfaces you have created.
Did you use 172.23.1.0/24 for the new vlan 56 ?
Jon
11-16-2015 02:34 PM
old switch
XWALGOMA-Entrance#sh ip int br
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up up
Vlan2 192.168.1.2 YES NVRAM up up
Vlan22 172.23.1.1 YES NVRAM administratively down down
Vlan53 172.24.53.1 YES NVRAM up up
FastEthernet2/0/1 unassigned YES unset up up
new switch
Vlan1 unassigned YES unset up up
Vlan56 172.23.150.1 YES manual up up
11-16-2015 02:44 PM
Okay I should have explained more clearly.
You don't create the vlan 56 L3 interface on the new switch or the DHCP pool if that is where you have configured it.
So -
1) delete the vlan 56 interface on the new switch -
"no int vlan 56"
and remove the DHCP pool if it is on there.
See last post for details.
Jon
11-16-2015 02:50 PM
ok
old switch
Interface IP-Address OK? Method Status Protocol
Vlan1 unassigned YES NVRAM up up
Vlan2 192.168.1.2 YES NVRAM up up
Vlan53 172.24.53.1 YES NVRAM up up
Vlan56 172.23.1.1 YES manual up up
new switch
Vlan1 unassigned YES unset up up
11-16-2015 02:52 PM
That's better.
So is your laptop getting a 172.23.1.x IP ?
If so can you ping 172.23.1.1 ?
If you can then 192.168.1.1 ?
If yes can you ping an IP beyond the router ?
Jon
11-16-2015 02:56 PM
So is your laptop getting a 172.23.1.x IP ? - yes
If so can you ping 172.23.1.1 ? - yes
If you can then 192.168.1.1 ? - yes
If yes can you ping an IP beyond the router ? - no
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide