3560 vlans configuration issue

Narsimha Golla · ‎02-24-2012

Hi,

I have configured vlans in 3560G switch but vlans notable to accessing internet can anye one check the attached configuration & plz do the need full

John Blakley · ‎02-24-2012

Which vlans are having a problem? When you have a host in a vlan, can it ping the vlan's svi?

HTH, John *** Please rate all useful posts ***

Narsimha Golla · ‎02-24-2012

Thank's for replay

I create two vlans. vlan10 & vlan20

Vlan10 hosts notable to communicating with vlan20 host's but Internet also not coming to both vlans hosts. but my requirement is vlans not communicate with each others & internet should access both vlans hosts

Thanks,

Narsimha

Hieu Cao · ‎02-24-2012

Silling question to ask here, but does the host on vlan10 has a valid ip address/gateway/dns? Same for host in vlan 20?

Did you assign the IP addresses manually or expect those hosts to receive IPs from a DHCP server? If those hosts are receving IPs from a DHCP server, under Interface Vlan 10, 20, add "ip helper-address IP_Address_Of_DHCP_Server"

Also, it's not a good idea that you post the switch config without masking or removing the switch local password. I suggest you to change your switch password asap, and add this command "service password-encryption" to encrypt the password.

Kishore Chennupati · ‎02-24-2012

narasimha,

I am not able to open the config file as i use a mac and its an exe witin the zip file. so can u please send me the config as a txt file to inbox as a private message and i will look at it as well.

without looking at the config i can give you some pointers based on ur requirements.

1. First make sure you have ip routing enabled

2. If you dont want the vlans to talk to each other just configure ACL's

3. Make sure the default routing etc is properly configured

HTH

Kishore

Narsimha Golla · ‎02-24-2012

Thanks, kishore plz check the attached configuration

Building configuration...

Current configuration : 5276 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname 12345

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$8CK6$UqhqMZhjUq4AsM1oJVf5S1

enable password

!

username cisco privilege 15 password 0

username admin privilege 15 password 0

no aaa new-model

system mtu routing 1500

ip subnet-zero

ip routing

!

mls qos map cos-dscp 0 8 16 24 32 46 48 56

mls qos srr-queue input bandwidth 90 10

mls qos srr-queue input threshold 1 8 16

mls qos srr-queue input threshold 2 34 66

mls qos srr-queue input buffers 67 33

mls qos srr-queue input cos-map queue 1 threshold 2 1

mls qos srr-queue input cos-map queue 1 threshold 3 0

mls qos srr-queue input cos-map queue 2 threshold 1 2

mls qos srr-queue input cos-map queue 2 threshold 2 4 6 7

mls qos srr-queue input cos-map queue 2 threshold 3 3 5

mls qos srr-queue input dscp-map queue 1 threshold 2 9 10 11 12 13 14 15

mls qos srr-queue input dscp-map queue 1 threshold 3 0 1 2 3 4 5 6 7

mls qos srr-queue input dscp-map queue 1 threshold 3 32

mls qos srr-queue input dscp-map queue 2 threshold 1 16 17 18 19 20 21 22 23

mls qos srr-queue input dscp-map queue 2 threshold 2 33 34 35 36 37 38 39 48

mls qos srr-queue input dscp-map queue 2 threshold 2 49 50 51 52 53 54 55 56

mls qos srr-queue input dscp-map queue 2 threshold 2 57 58 59 60 61 62 63

mls qos srr-queue input dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31

mls qos srr-queue input dscp-map queue 2 threshold 3 40 41 42 43 44 45 46 47

mls qos srr-queue output cos-map queue 1 threshold 3 5

mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7

mls qos srr-queue output cos-map queue 3 threshold 3 2 4

mls qos srr-queue output cos-map queue 4 threshold 2 1

mls qos srr-queue output cos-map queue 4 threshold 3 0

mls qos srr-queue output dscp-map queue 1 threshold 3 40 41 42 43 44 45 46 47

mls qos srr-queue output dscp-map queue 2 threshold 3 24 25 26 27 28 29 30 31

mls qos srr-queue output dscp-map queue 2 threshold 3 48 49 50 51 52 53 54 55

mls qos srr-queue output dscp-map queue 2 threshold 3 56 57 58 59 60 61 62 63

mls qos srr-queue output dscp-map queue 3 threshold 3 16 17 18 19 20 21 22 23

mls qos srr-queue output dscp-map queue 3 threshold 3 32 33 34 35 36 37 38 39

mls qos srr-queue output dscp-map queue 4 threshold 1 8

mls qos srr-queue output dscp-map queue 4 threshold 2 9 10 11 12 13 14 15

mls qos srr-queue output dscp-map queue 4 threshold 3 0 1 2 3 4 5 6 7

mls qos queue-set output 1 threshold 1 138 138 92 138

mls qos queue-set output 1 threshold 2 138 138 92 400

mls qos queue-set output 1 threshold 3 36 77 100 318

mls qos queue-set output 1 threshold 4 20 50 67 400

mls qos queue-set output 2 threshold 1 149 149 100 149

mls qos queue-set output 2 threshold 2 118 118 100 235

mls qos queue-set output 2 threshold 3 41 68 100 272

mls qos queue-set output 2 threshold 4 42 72 100 242

mls qos queue-set output 1 buffers 10 10 26 54

mls qos queue-set output 2 buffers 16 6 17 61

mls qos

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface GigabitEthernet0/3

!

interface GigabitEthernet0/4

!

interface GigabitEthernet0/5

!

interface GigabitEthernet0/6

!

interface GigabitEthernet0/7

!

interface GigabitEthernet0/8

!

interface GigabitEthernet0/9

!

interface GigabitEthernet0/10

!

interface GigabitEthernet0/11

switchport access vlan 10

switchport mode access

!

interface GigabitEthernet0/12

switchport access vlan 20

switchport mode access

!

interface GigabitEthernet0/13

!

interface GigabitEthernet0/14

!

interface GigabitEthernet0/15

!

interface GigabitEthernet0/16

!

interface GigabitEthernet0/17

!

interface GigabitEthernet0/18

!

interface GigabitEthernet0/19

!

interface GigabitEthernet0/20

!

interface GigabitEthernet0/21

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

queue-set 2

priority-queue out

mls qos trust cos

auto qos voip trust

macro description cisco-switch

spanning-tree link-type point-to-point

!

interface GigabitEthernet0/22

!

interface GigabitEthernet0/23

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

queue-set 2

priority-queue out

mls qos trust cos

auto qos voip trust

macro description cisco-switch

spanning-tree link-type point-to-point

!

interface GigabitEthernet0/24

switchport trunk encapsulation dot1q

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

queue-set 2

priority-queue out

mls qos trust cos

auto qos voip trust

macro description cisco-switch

spanning-tree link-type point-to-point

!

interface GigabitEthernet0/25

!

interface GigabitEthernet0/26

!

interface GigabitEthernet0/27

!

interface GigabitEthernet0/28

!

interface Vlan1

ip address 192.168.2.50 255.255.255.0

!

interface Vlan10

ip address 192.168.10.1 255.255.255.0

!

interface Vlan20

ip address 192.168.20.1 255.255.255.0

!

ip default-gateway 192.168.2.1

ip classless

ip route 0.0.0.0 0.0.0.0 192.168.2.1

ip http server

!

!control-plane

!

line con 0

line vty 0 4

password

login

length 0

line vty 5 15

login

!

end

Kishore Chennupati · ‎02-25-2012

can you ping 192.168.2.1?? As I mentioned you can use ACL's between the vlans to stop them talking to each other..

Now, i belive 192.168.2.1 is the ip on the router. You need to check if there is a return route to the vlans 10,20 on the router.

HTH

Kishore