Hello !
I have a problem setting up my CISCO core switch (SG500X-48P) with VLANs
Here is my infrastructure :
I have a problem setting up my CISCO core switch (SG500X-48P) with VLANs
Here is my infrastructure :
I have a router / firewall, connected to port 1 of the switch.
I have my PC, connected to port 2.
Then I have 2 servers connected on 47 and 48.
What I am trying to do is :
Have the 2 servers on a separated VLAN (42).
But they must have Internet access, so routable through my main (and default) VLAN, 1.
The VLAN 42 is on 192.168.42.0/24
While the default VLAN 1, is on 192.168.47.0/24
Currently, my switch has the IP 192.168.47.254 on VLAN 1 and 192.169.42.253 on VLAN 42
My router have something similar, 192.198.47.1 on VLAN 1 and 192.168.42.254 on VLAN 42
The servers are running windows (but it can be anything, really) and they have static IPs with static default gateway to 192.168.42.254
Here is my problem :
The servers can ping each other, but they can't ping the switch (on 192.168.42.253) or the gateway/router/firewall, on 192.168.42.254.
I made sure the VLAN is setup on the firewall with an all rule accept for testing.
I did some more test, and my computer, the one on 192.168.47.2 can ping the switch on 192.168.42.253 and the router on 192.168.42.254
When I look in the ARP table of the cisco switch, for my VLAN 42, I see the firewall but not the 2 servers.
I am a bit new to VLANs and smart switch, so I most have done something wrong when dooing the initial setup of my core switch.
If it can help, on my initial configuration, I assigned the port 43-48 to VLAN 1 and VLAN 42
Here is my current running configuration on the switch.
Thank you for your help !
PS: my VLAN 42 is configured with QoS because it will serve as a VLAN for IP phones in the near future.
PSS: The Guest VLAN 44 is currently not in use and can be ignored
config-file-header
sw-cisco-01-48
v1.4.7.5 / R800_NIK_1_4_194_194
CLI v1.0
set system queues-mode 4
file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 10,42,44
exit
voice vlan id 42
voice vlan vpt 6
voice vlan oui-table add 0001e3 Siemens_AG_phone________
voice vlan oui-table add 00036b Cisco_phone_____________
voice vlan oui-table add 00096e Avaya___________________
voice vlan oui-table add 000fe2 H3C_Aolynk______________
voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone
voice vlan oui-table add 00d01e Pingtel_phone___________
voice vlan oui-table add 00e075 Polycom/Veritel_phone___
voice vlan oui-table add 00e0bb 3Com_phone______________
arp timeout 300
no bonjour enable
bonjour interface range vlan 1
hostname sw-cisco-01-48
username cisco password encrypted XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX privilege 15
ip ssh server
no ip http server
clock timezone " " -4
clock source sntp
!
interface vlan 1
ip address 192.168.47.254 255.255.255.0
no ip address dhcp
!
interface vlan 42
name Voice
ip address 192.168.42.253 255.255.255.0
!
interface vlan 44
name Guest
ip address 10.10.1.254 255.255.255.0
!
interface gigabitethernet1/1/1
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42,44
macro description "switch "
power inline priority critical
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/19
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 44
macro description "switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/20
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 44
macro description "switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/21
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42,44
macro description "switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/22
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 44
macro description "switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/23
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 44
macro description "switch "
power inline priority critical
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/24
switchport trunk allowed vlan add 44
power inline priority high
!
interface gigabitethernet1/1/26
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42,44
macro description "switch "
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/42
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42,44
macro description "switch "
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/43
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42,44
macro description "switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/44
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42
macro description "switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/45
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42
macro description "switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/46
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42,44
macro description "switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/47
storm-control broadcast enable
storm-control broadcast level 10
storm-control include-multicast
port security max 10
port security mode max-addresses
port security discard trap 60
spanning-tree portfast
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42
macro description "ip_phone_desktop | switch | ip_phone_desktop | switch | ip_phone_desktop | switch | ip_phone_desktop | switch "
power inline priority high
!next command is internal.
macro auto smartport dynamic_type unknown
!
interface gigabitethernet1/1/48
spanning-tree link-type point-to-point
switchport trunk allowed vlan add 42,44
macro description "switch "
power inline priority critical
!next command is internal.
macro auto smartport dynamic_type unknown
!
exit
ip helper-address 192.168.42.254 0.0.0.0 37 42 49 53 137 138
ip default-gateway 192.168.42.254
encrypted ip ssh-client key rsa key-pair
I am sorry for the spam in the shoe-config, as you can see, I tried a lot of stuff and it didnt seem to work.
Thank you !
