12-05-2019 02:57 PM
I got a cisco 3560CG 8 port poe switch that I got at home and I want to know how to do vlan routing
I want to assign something like this
uplink port gig 0/9 - uplink to router
Router uplinks to cable modem and to intetnet
uplink port gig 0/1 - 0/3 - vlan 10 ----- for hard wired desktops at home
upling port gig 0/4 - 0/8 - vlan 20 ----- for poe waps
how do I use separate addressing or do this?
my router will only hand out one ip range - 192.168.0.1/24
thanks
12-06-2019 01:16 AM - edited 12-06-2019 01:19 AM
start with this document
Configuring InterVLAN Routing with Catalyst 3750/3560/3550 Series Switches
this is a universal setup, but but you combine the muntiple switches into a single one.
so you do not need to configure trunk ports between switches
and you configure access ports on the 3560
01-17-2020 12:53 PM
this is my setup
I want to have wifi access points in vlan10
I wan to have PCs (hard wired) vlan 20
I want to have security cameras in vlan 30
how do i setup the config and routing?
01-21-2020 03:43 PM
01-21-2020 11:34 PM
>>> when i do no switchport from my switch uplink gig0/9 to the tp link router, i lost all connectivity on all the other switch ports <<<
that is expected behavior.; "no switchport" means this port is not forwarding on Layer-2 anymore
the port is now a layer-3 (routed) port and needs to be configured with an IP-address
after that it an route between two (or more) routed interfaces (two ip-networks)
->proceed with the rest of the configuration
01-22-2020 06:05 AM
i did but whenever I shutdown vlan1 and assign one of my workstastion to vlan10
The workstastion is not able to access the internet
even though I have this in the config
ip route 0.0.0.0 0.0.0.0 192.168.0.1
(this is the wifi router gateway ip)
from my workstation I was able to ping the vlan interface on the switch 192.168.10.1
01-22-2020 06:13 AM
01-22-2020 07:48 AM
as mentioned before after you used the "no switchport" command
to route packets to your internet router (ip route 0.0.0.0 0.0.0.0 192.168.0.1)
the 3560 needs
- one ip address to communicate to the internet router using the port with "no switchport in the same subnet as the internet router (like 192.168.0.2 255.255.255.0 )
- a second ip-address in vlan 10 to communicate with these clients
- "ip routing" enabled (192.168.1.1 255.255.255.0)
- it is advices to have a DHCP-server in vlan 10 (the 3560 or another device)
(or else you need to manually configure all client ip adresses in vlan10)
- 192.168.1.1 is the default gateway for clients in vlan10 (not 192.168.0.1)
- as Mark mentioned, the internet router needs to know the way back (192.168.1.0/24 is reachable via 192.168.0.2)
02-01-2020 05:30 AM
I am still struggling with this. I have a static route from the wifi/internet router back to vlan 10 like this
192.168.10.0 255.255.255.0 192.168.10.1
192.168.10.1 is the vlan10 interface on the switch
--------------------------------------------------
on th switch uplink to wifi/internet router
interface GigabitEthernet0/9
description uplink to TP Router
no switchport
ip address 192.168.0.2 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 192.168.0.1
interface Vlan10
description management_vlan
ip address 192.168.10.1 255.255.255.0
interface GigabitEthernet0/2
switchport access vlan 10
switchport mode access
-------------------------------------
I assigned my pc on gig0/2 with ip 192.168.10.5, 255.255.255.0 192.168.10.1(GW)
from my pc i can ping 192.168.10.1 (vlan 10 interface on switch)
but I cant get out to internet. I cannot ping any internet ips/dns names
02-01-2020 05:42 AM
from internet router
02-01-2020 05:43 AM
02-02-2020 09:16 AM
02-03-2020 12:04 AM
>>>
interface GigabitEthernet0/9
description uplink to TP Router
no switchport
ip address 192.168.0.2 255.255.255.0
<<<
that you are able to ping 192.168.10.1 is some kind of luck
-> (unless the TP-link also knows about VLAN's and has an address in those VLANs, )
the TP-link router will only know about the 192.168.0.0 255.255.255.0 network
==>> on the TP-link (!) you need to add both (or all three) static routes to have 192.168.0.2 (the 3650) as the gateway
the 3650 has an interface in this subnet, so it does not need this static rout itself., it already knows the route.
but of course you need to set the 3650's address as default gateway on the connected clients
resumé:
clients: default gateway = 3650's address in corresponding vlan
3650 : default route to TP-link
ip route 0.0.0.0 0.0.0.0 192.168.0.1
TP-link: static route to VLAN's on the 3560
ip route 192.168.10.0 255.255.255.0 192.168.0.2 (i know it is not the same command as on the cisco :-) )
ip route 192.168.20.0 255.255.255.0 192.168.0.2
(ip route 192.168.30.0 255.255.255.0 192.168.0.2)
02-06-2020 05:58 AM
I dont understand why I cant get out on the internet.
my pc on vlan 10
192.168.10.5 with DG 192.168.10.1
is able to ping the DG
on the switch, I have ip route 0.0.0.0 0.0.0.0 192.168.0.1
on gigabit0/9 (up link port to the tplink) i have no switchport and ip address 192.168.0.2 255.255.255.0
on tplink I have static routes for vlan 10 back to the switch on 192.168.0.2
why
02-06-2020 06:34 AM
You need to configure the TP router to NAT all address spaces from all connected Vlans. What does the NAT page look like right now (post a screenshot) ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide