Solved: Re: 3560 Switch Config to work with Netgear WNR2000

Shivan.Kamal · ‎04-25-2019

Hi Guys,

I've been reading a lot of forums, articles and looking through the Cisco 3560 user manual to try and setup a cisco switch to work with a Netgear WNR2000v5 router.

Unfortunately I have been unsuccessful in getting this setup.

Wanting to know if it's even possible to do this?

Setup is like this.

Router(172.16.0.100/24)----------Switch fa0/1(172.16.0.101/24)------CPE fa0/5(172.16.0.5/24)

I've setup the default gateway on the switch to match the Netgear at 172.16.0.100.

I've enabled IP routing.

current IP route setting is

ip route 0.0.0.0 0.0.0.0 172.16.0.100(This could be one issue)

Currently I have a Cat5 cable running from fa0/1 to a LAN port 3 on the Netgear.

DHCP is set on the router.

I've also got an Unifi Access Point connected to fa0/2.

Below are the interface settings and the VLAN settings. only using 1 VLAN(Default 1)

Interface Vlan1

ip address 172.16.0.101 255.255.255.0

network 172.16.0.0

ip default-gateway 172.16.0.100

ip route 0.0.0.0 0.0.0.0 172.16.0.100

ip rip send version 1 2

router rip

network 172.16.0.0

Interface Fa0/1

switchport trunk encapsulation dot1q

switchport mode trunk

spanning-tree portfast trunk

spanning-tree bpdugaurd enable

interface fa0/2

switchport trunk encapsulation dot1q

switchport mode trunk

switchport nonegotiate

spanning-tree bpduguard enable

In the Netgear I have enabled RIP_2M. I've also tried RIP_1 but neither made a difference.

the Netgear has access to the internet via WAN and has a static public IP address set.

I want the Netgear to be able to speak to the switch, and vice-versa to enable other CPE's and AP to speak to each other and have access to the internet.

Any help is greatly appreciated!

Shivan.Kamal · ‎04-30-2019

So I did some further testing and I found the issue was definitely the WNR2000v5.
The LAN ports became faulty. I confirmed this by connecting a CPE directly to a LAN port on the router, and DHCP would not assign an IP or even recognise a CPE was connected when looking at the "Connected Devices" on Netgear page.

I tested all 4 ports and all 4 had the same issue.

I brought in another router and ran the same test and the same CPE wired to other router, I got an IP address assigned instantly.
I tested all 4 LAN ports on the other router and all 4 ports gave an assignment.

So after resetting the switch and re-configuring the default gateway on the switch, it picked up an IP straight away and I could ping all connected devices to the switch and router!

Thank you for all your assistance and for clarifying the switch configuration.

View solution in original post

Seb Rupik · ‎04-25-2019

Hi there,

I doubt very much the netgear router understands VLAN tags, so I would remove the trunk link. Also I imagine the CPE isn't configured for VLAN tags.

I suggest you use the following config:

!
vlan 10
!
int vlan 1
  no ip address 172.16.0.101 255.255.255.0
  shutdwn
!
int vlan 10
  ip address 172.16.0.101 255.255.255.0
!
int range fa0/1, fa0/5
  switchport mode access
  switchport access vlan 10
  spanning-tree portfast
  no shut
!

cheers,

Seb.

Shivan.Kamal · ‎04-28-2019

Hi Guys,

Sorry for not getting back to you sooner.

I was not in the office where this was setup. Now I am.

Ok so I've read all the replies.

I realized that its true, i don't need RIP. the reason I had it was because I noticed the WNR2000v5 had the ability to use RIP as well, so I thought I configure both for RIP they may talk. This didn't work of course.

So I've reset the switch back to scratch.

I only need VLAN 1 for now as I don't think the router can handle interVLAN for the future(I intend to setup a different VLAN to handle PoE Handsets)

Below is the config that I have on the switch currently

----------------------

Switch#show run
Building configuration...

Current configuration : 2796 bytes
!
! Last configuration change at 14:21:40 UTC Mon Apr 29 2019
! NVRAM config last updated at 14:22:43 UTC Mon Apr 29 2019
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
enable secret 5 $1$t5Vt$jePLEYJmvRxpDXh0znTjh/
!
no aaa new-model
clock timezone UTC 10
system mtu routing 1500
ip subnet-zero
ip routing
!
!

!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0/1
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/2
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/3
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/4
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/5
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/6
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/7
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/8
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/9
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/10
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/11
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/12
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/13
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/14
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/15
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/16
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/17
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/18
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/19
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/20
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/21
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/22
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/23
switchport mode access
spanning-tree portfast
!
interface FastEthernet0/24
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
ip address 172.16.0.253 255.255.255.0
!
ip default-gateway 172.16.0.1
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.0.1
ip http server
ip http secure-server
!
access-list 1 permit any

--------

Unfortunately I still cannot ping the router gateway.

Also I don't have a console cable at this current stage(I misplaced it) so currently I can only telnet into the switch to manage it and configure it.

I found that If I change the IP or remove the IP for VLAN1 I lose telnet access and have to reset the switch.

I also found that if I configure the VLAN to pick up and IP from DHCP of router, I lose access and not sure what IP(IF an IP) has been assigned. So unless there is another method I can use to manage VLAN 1, currently I have to keep the static IP set for VLAN 1.

Really appreciate all the help you guys are giving.

Seb Rupik · ‎04-28-2019

Hello again,

The switch config looks good. It will provide Layer2 function. Personally I would not use VLAN1, but that can be changed later.

Can you ping the CPE IP from the switch? Is it pining from the router to the CPE IP that doesn't work? Can you share the router config? Is it connecting to the switch with a trunk port?

cheers,

Seb.

Shivan.Kamal · ‎04-29-2019

I can ping the CPE from the switch and i can ping other devices such as a networked printer with IP 172.16.0.20/24 from the CPE which are connected to the switch.

But i cannot ping the router from the Switch.

I also cannot ping a CPE on the switch via router wifi.

This is where Im having issues.

The WNR2000v5 doesnt give much in terms of config info.

WAN is setup to get IP dynamically from ISP(the public IP is a static one with a DNS server).

DNS is also get dynamically.

Currently DHCP settings on the router are.

Default gateway: 172.16.0.1

Subnet: 255.255.255.0

DHCP pool is set between 172.16.0.2 --254.

I dont see any wired connections that come from switch.

NAT is set to open.

Only thing it has which i havent setup is static routing.

Previously i tried setting up static routing when i had fa0/1 in trunk mode with IP 172.16.1.0 /24 but i still couldnt ping it.

Currently i dont see any settings that would allow me to put a LAN port into trunk mode.

Hope this helps.

Shivan.Kamal · ‎04-29-2019

If it helps. below is what show int fa0/1 shows.
------
Switch#show int fa0/1
FastEthernet0/1 is up, line protocol is up (connected)
Hardware is Fast Ethernet, address is e8ba.7048.f783 (bia e8ba.7048.f783)
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 25/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is 10/100BaseTX
input flow-control is off, output flow-control is unsupported
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:00, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 10161000 bits/sec, 3029 packets/sec
5 minute output rate 124000 bits/sec, 78 packets/sec
2085611 packets input, 870678427 bytes, 0 no buffer
Received 1545858 broadcasts (1003211 multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
0 watchdog, 1003211 multicast, 8362681 pause input
0 input packets with dribble condition detected
64299 packets output, 12106505 bytes, 0 underruns
0 output errors, 1 collisions, 2 interface resets
0 babbles, 1 late collision, 0 deferred
0 lost carrier, 0 no carrier, 0 PAUSE output
0 output buffer failures, 0 output buffers swapped out
-----
Below is also the Arp table
---
Switch#show arp
Protocol Address Age (min) Hardware Addr Type Interface
Internet 172.16.0.253 - e8ba.7048.f7c0 ARPA Vlan1(VLAN Interface with TFTP for remote telnet)
Internet 172.16.0.25 0 1c87.2cb5.50db ARPA Vlan1(CPE)
Internet 172.16.0.20 5 a08c.fd61.6ea2 ARPA Vlan1(Networked Printer)
------

Hope this information helps

Shivan.Kamal · ‎04-30-2019

Ok after some real thorough troubleshooting.

I have found that the router LAN ports have become faulty.

I tested a CPE direct to LAN1 and I got a bogus IP(169.xxx.xxx.xxx) i tested a known good cable, a different LAN port, a different CPE to router LAN and they all got bogus IP's.

The router is able to give an IP to wireless devices but not to wired devices.

This would explain why I was not even getting a mac address on fa0/1 .

I found a spare router at home which I will test tomorrow.

If it works well then it confirms the faulty LAN ports.

Will keep you posted.

balaji.bandi · ‎04-30-2019

Previously i tried setting up static routing when i had fa0/1 in trunk mode with IP 172.16.1.0 /24 but i still couldnt ping it.

I believe network IP range is 172.16.0.x

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Shivan.Kamal · ‎04-30-2019

Yes this is true. But since 172.16.0.x was assigned to VLAN 1, it wouldn't allow me to assign that IP address to it.
So I had to use a different IP for it.

Thanks for your assistance. I found the issue to be the Netgear Router itself. The LAN Ports were faulty after further testing with a different router.

Shivan.Kamal · ‎04-30-2019

So I did some further testing and I found the issue was definitely the WNR2000v5.
The LAN ports became faulty. I confirmed this by connecting a CPE directly to a LAN port on the router, and DHCP would not assign an IP or even recognise a CPE was connected when looking at the "Connected Devices" on Netgear page.

I tested all 4 ports and all 4 had the same issue.

I brought in another router and ran the same test and the same CPE wired to other router, I got an IP address assigned instantly.
I tested all 4 LAN ports on the other router and all 4 ports gave an assignment.

So after resetting the switch and re-configuring the default gateway on the switch, it picked up an IP straight away and I could ping all connected devices to the switch and router!

Thank you for all your assistance and for clarifying the switch configuration.

balaji.bandi · ‎04-25-2019

Why not make it simple set up Switch as Layer 2 so all end device directly point to Router as Gateway

Router(172.16.0.100/24)----------(FAS 0/1 Trunk/Access port) Switch ( Access port VLAN1) ------CPE fa0/5(172.16.0.5/24).

Why you need to RIP IGP here ? any reason.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Shivan.Kamal · ‎04-28-2019

The netgear has RIP function, so since I could not ping it, I thought if I enabled RIP on the router and on the switch, they may talk. This of course did not work for me, so I have since then reset the router.

With the new config though, do I still need to configure Fa0/1 as a trunk port? Or can I keep it as an access port?

paul driver · ‎04-26-2019

Hello
I agree with @balaji.bandi you don't require any routing protocol to connect these devices together
However It would better to have it physically setup like:
Switch -172.16.0.100/24)<----LAN----->Router(172.16.0.101/24)---WAN---CPE fa0/5(172.16.0.5/24

This would allow you freedom to implement and utilize more features on either the router or switch such as vlans/subnets, NAT etc..

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Shivan.Kamal · ‎04-28-2019

Thanks for clarifying that. I have since then reset the router and my current setting is like below.

CPE(172.16.0.25)------->(Fa0/5)Switch(Fa0/1- 172.16.0.253/24)--------->Router(172.16.0.1/24)

After doing this, unfortunately I still could not get the switch to ping the router default gateway.
The router does have NAT enabled, and I changed the NAT settings to "OPEN" to see if that makes a difference. That didn't do it either.