Re: Allowing multiple Vlans on 1 Port

elmehdisaoudi · ‎10-20-2017

hey guys, so im no expert and i would really appreciate any help

so i need to assign each port on switch 3 (the one connected to the pcs) with multiple vlans
so instead of making them access ports i made them trunking ports and i allowed the vlans i need but i can't get a connection between the pcs, the ping is unsuccessful

and also i need to provide these pcs with internet access from the router how can i do that ?

i really hope that i'd get any answers and i really appreciate your help thank you.

Rich Uline · ‎10-20-2017

Elmehdisaoudi,

Most workstations will not tag traffic sent to the switch, and the default behavior for the switch is to place untagged traffic which it receives into the native VLAN. If you want the workstations to communicate on several subnets at once, then you will need to configure them for VLAN tagging. This feature may or may not be available depending on the operating system and/or NIC hardware capability/drivers.

Looking at the bigger picture, a design that requires workstations to communicate on multiple VLANs isn't really a great one. I think it might be more productive if we removed the need for that entirely. So I'd like to ask; why is it that each port on switch 3 needs multiple VLANs?

To answer your question about enabling Internet access from the router, we may need more information. It looks to me like none of the switches are capable of routing, so you would probably use a router-on-a-stick configuration. Once that is set up, you would just need to propagate those VLANs along your trunks. It looks like you may also need to configure NAT (PAT, specifically).

Reza Sharifi · ‎10-20-2017

Hi,

Usually the connection to PCs/Laptop/printers, should be an access port and not a trunk port. If you make the switch port a trunk port, you have to do the same on the end device. Usually there is no need to trunk the ports to these devices. In some cases like connecting ports to servers, the ports are configured as trunk because the server has multiple vlans on it.

HTH

andre.ortega · ‎10-20-2017

If you configure those interface's switch as trunk your PC have to support VLAN, and tag the packets.
What do you need? Why multiple VLANs for all PC ports?
You may configure those interfaces as trunk, and then configure each one with specific native VLAN. So packets without tag will be associated with the native VLAN from the interface.

Georg Pauwen · ‎10-20-2017

Hello,

in addition to the other posts, and assuming you have a NIC that supports 802.1q tagging (as does the Intel adapter in the link below), you still need a layer 3 interface with an IP address somewhere on your network in order for inter-Vlan communication (and Internet access) to work. It looks like the ISR4321 Router 0 is your edge device ? So you need trunk links between the PCs, the switches, and the ISR4321. On the ISR configure a router on a stick (as described in the link below). If you need help with this, post the configuration of the 4321, and we can fill in the necessary bits and pieces.

Router-on-a-stick

http://www.firewall.cx/cisco-technical-knowledgebase/cisco-routers/336-cisco-router-8021q-router-stick.html

Intel® Advanced Network Services VLANs

https://www.intel.com/content/www/us/en/support/articles/000005677/network-and-i-o/ethernet-products.html

Julio E. Moisa · ‎10-20-2017

Hi

I agree with the other members Now the question is: what is the reason for that kind of deployment? As Reza mentioned usually the ports are configured as access mode for end users or hosts, is very very unusual see then configured for computers, it may be or could be for servers. Also check the links provided by Georg.

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<