cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4963
Views
5
Helpful
22
Replies

Cisco 3560 CG help

Dragomir
Level 1
Level 1

I got a cisco 3560CG 8 port poe switch that I got at home and I want to know how to do vlan routing

 

I want to assign something like this

 

uplink port gig 0/9 - uplink to router

 

Router uplinks to cable modem and to intetnet

 

uplink port gig 0/1 - 0/3 - vlan 10  ----- for hard wired desktops at home 

upling port gig 0/4 - 0/8 - vlan 20 ----- for poe waps

how do I use separate addressing or do this?

 

my router will only hand out one ip range - 192.168.0.1/24

 

thanks

 

22 Replies 22

pieterh
VIP
VIP

start with this document

Configuring InterVLAN Routing with Catalyst 3750/3560/3550 Series Switches

 

this is a universal setup, but but you combine the muntiple switches into a single one.

so you do not need to configure trunk ports between switches

and you configure access ports on the 3560

Screen Shot 2020-01-17 at 12.52.15 PM.pngthis is my setup

 

 

I want to have wifi access points in vlan10

 

I wan to have PCs (hard wired) vlan 20

 

I want to have security cameras in vlan 30

 

 

how do i setup the config and routing?

when i do no switchport from my switch uplink gig0/9 to the tp link router, i lost all connectivity on all the other switch ports

>>>  when i do no switchport from my switch uplink gig0/9 to the tp link router, i lost all connectivity on all the other switch ports <<<

that is expected behavior.; "no switchport" means this port is not forwarding on Layer-2 anymore

the port is now a layer-3 (routed) port and needs to be configured with an IP-address 

after that it an route between two (or more) routed interfaces (two ip-networks) 

->proceed with the rest of the configuration

i did but whenever I shutdown vlan1 and assign one of my workstastion to vlan10

 

The workstastion is not able to access the internet

 

even though I have this in the config

 

ip route 0.0.0.0 0.0.0.0 192.168.0.1

(this is the wifi router gateway ip)

 

from my workstation I was able to ping the vlan interface on the switch 192.168.10.1

Hi
does the wifi switch know how to get back to vlan 10 , prob needs a static pointing back to vlan 10

as mentioned before after you used the "no switchport" command

to route packets to your internet router (ip route 0.0.0.0 0.0.0.0 192.168.0.1)

the 3560 needs 

- one ip address to communicate to the internet router using the port with "no switchport in the same subnet as the internet router (like 192.168.0.2 255.255.255.0 )

- a second ip-address in vlan 10 to communicate with these clients

- "ip routing" enabled (192.168.1.1 255.255.255.0)

- it is advices to have a DHCP-server in vlan 10 (the 3560 or another device)

  (or else you need to manually configure all client ip adresses in vlan10)

- 192.168.1.1 is the default gateway for clients in vlan10 (not 192.168.0.1)

- as Mark mentioned, the internet router needs to know the way back (192.168.1.0/24 is reachable via 192.168.0.2)

 

I am still struggling with this. I have a static route from the wifi/internet router back to vlan 10 like this

 

192.168.10.0 255.255.255.0 192.168.10.1

 

192.168.10.1 is the vlan10 interface on the switch

 

--------------------------------------------------

 

on th switch uplink to wifi/internet router

 

interface GigabitEthernet0/9
description uplink to TP Router
no switchport
ip address 192.168.0.2 255.255.255.0

!

ip route 0.0.0.0 0.0.0.0 192.168.0.1


interface Vlan10
description management_vlan
ip address 192.168.10.1 255.255.255.0

 


interface GigabitEthernet0/2
switchport access vlan 10
switchport mode access

 

-------------------------------------

 

I assigned my pc on gig0/2 with ip 192.168.10.5, 255.255.255.0 192.168.10.1(GW)

 

from my pc i can ping 192.168.10.1 (vlan 10 interface on switch)

 

but I cant get out to internet. I cannot ping any internet ips/dns names

 

 

 

 

 

 

 

from internet router

 

wifi_router.PNG

also from internet router, i can ping 192.168.10.1

any idea?

>>>

interface GigabitEthernet0/9
description uplink to TP Router
no switchport
ip address 192.168.0.2 255.255.255.0

<<<

 

that you are able to ping 192.168.10.1 is some kind of luck 

-> (unless the TP-link also knows about VLAN's and has an address in those VLANs, )
     the TP-link router will only know  about the 192.168.0.0 255.255.255.0 network

==>> on the TP-link (!) you need to add both (or all three) static routes to have 192.168.0.2 (the 3650) as the gateway

the 3650 has an interface in this subnet, so it does not need this static rout itself., it already knows the route.

but of course you need to set the 3650's address as default gateway on the connected clients

resumé:

clients: default gateway = 3650's address in corresponding vlan

3650 :  default route to TP-link

            ip route 0.0.0.0 0.0.0.0 192.168.0.1

TP-link: static route to VLAN's on the 3560

           ip route 192.168.10.0 255.255.255.0 192.168.0.2 (i know it is not the same command as on the cisco :-) )

           ip route 192.168.20.0 255.255.255.0 192.168.0.2

           (ip route 192.168.30.0 255.255.255.0 192.168.0.2)

            

 

I dont understand why I cant get out on the internet. 

 

my pc on vlan 10

 

192.168.10.5 with DG 192.168.10.1

 

is able to ping the DG

 

on the switch, I have ip route 0.0.0.0 0.0.0.0 192.168.0.1

 

on gigabit0/9 (up link port to the tplink) i have no switchport and ip address 192.168.0.2 255.255.255.0

 

on tplink I have static routes for vlan 10 back to the switch on 192.168.0.2

 

why

You need to configure the TP router to NAT all address spaces from all connected Vlans. What does the NAT page look like right now (post a screenshot) ?

Review Cisco Networking for a $25 gift card