Solved: not all PCs will have DHCP - Page 3

mquevedob · ‎12-11-2014

Hello guys,

I have a cisco 1921 router with the LAN interface connected to a Cisco 2960 switch.

My 2960 switch is configured to work in VLANs

What I would like to do is create IP pools for each VLAN in my switch.

This will allow a PC on a VLAN to get an IP in a different subnet as PCs connected in other VLANs

thanks!

Martin

mquevedob · ‎12-12-2014

I am going to post here my final configurations so that anyone with the same problem can benefit from them

ROUTER Cisco 1921

Current configuration : 2376 bytes
!
! Last configuration change at 16:26:58 UTC Fri Dec 12 2014
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname hrc_r01
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
ip cef
!
!
!
ip dhcp excluded-address 10.10.7.1 10.10.7.10
ip dhcp excluded-address 192.168.2.1
ip dhcp excluded-address 192.168.2.50 192.168.2.250
!
ip dhcp pool VLAN7
network 10.10.7.0 255.255.255.0
default-router 10.10.7.1
dns-server 10.10.7.1
!
ip dhcp pool VLAN3
network 192.168.2.0 255.255.255.0
default-router 192.168.2.1
dns-server 192.168.2.1
!
!
!
ip domain name hrc.com.py
ip name-server 190.104.163.57
ip name-server 200.3.250.1
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
license udi pid CISCO1921/K9 sn FGL1834240J
!
!
username xxxxxxxx privilege 15 password 0 xxxxxxxx
!
redundancy
!
!
!
!
!
ip ssh version 2
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
description LAN
no ip address
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0.3
encapsulation dot1Q 3
ip address 192.168.2.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/0.7
encapsulation dot1Q 7
ip address 10.10.7.1 255.255.255.0
ip nat inside
ip virtual-reassembly in
!
interface GigabitEthernet0/1
description WAN
ip address xxx.xxx.xxx.166 255.255.255.252
ip nat outside
no ip virtual-reassembly in
duplex auto
speed auto
!
interface GigabitEthernet0/0/0
no ip address
!
interface GigabitEthernet0/0/1
no ip address
!
interface GigabitEthernet0/0/2
no ip address
!
interface GigabitEthernet0/0/3
no ip address
!
interface Vlan1
no ip address
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
ip dns server
ip nat inside source list 1 interface GigabitEthernet0/1 overload
ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.165
!
access-list 1 permit 10.10.7.0 0.0.0.255
access-list 1 permit 192.168.2.0 0.0.0.255
!
!
!
control-plane
!
!
!
line con 0
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
login local
transport input all
line vty 5 15
login local
transport input all
!
scheduler allocate 20000 1000
!
end

SWITCH CIsco 2960

Current configuration : 6951 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
enable secret 5 xxxxxx
!
!
!
no aaa new-model
clock timezone UTC -4
switch 1 provision ws-c2960s-48lps-l
authentication mac-move permit
ip subnet-zero
!
!
vtp mode transparent
!
!
spanning-tree mode pvst
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
vlan 2
name Administracion
!
vlan 3
name Micros
!
vlan 4
name VoIP
!
vlan 5
name WiFi-Publico
!
vlan 6
name Otros
!
vlan 7
name Libres
!
!
!
interface FastEthernet0
description Management Port
no ip address
!
interface GigabitEthernet1/0/1
description Trunk-to-Router
switchport mode trunk
spanning-tree portfast trunk
!
interface GigabitEthernet1/0/2
switchport access vlan 7
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet1/0/52
switchport access vlan 7
switchport mode access
!
interface Vlan1
no ip address
!
ip http server
ip http secure-server
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
login
line vty 5 15
login
!
end

daniel espinal · ‎12-12-2014

Nice. I knew it was something simple we were missing.

mquevedob · ‎12-12-2014

i was missing

ip dns server

it is working now!

Jon Marshall · ‎12-12-2014

Okay, then you need to do what I said in my last post, add the line and use 10.10.7.1 as the DNS IP otherwise the clients don't know where to send DNS queries.

That said I have never used a router as a DNS server so I can't say how well it will work. I found an article saying that the router does not make recursive queries so sometimes the client query will fail. That was for IOS 12.3 so it may have changed now but be aware it might not work as you want in all cases.

Is there a reason you want the router to do it rather than just have the clients use the internet DNS IPs ?

Jon

mquevedob · ‎12-12-2014

It is much easier for me to tell the people here to configure default gw and dns as a local IP address for PCs without DHCP

Jon Marshall · ‎12-12-2014

Not sure I follow this.

If you hand out IPs from the router using DHCP and you configure the default gateway and DNS server(s) in the DHCP pool then people do not need to configure anything on their PC's as it is all done automatically.

Jon

mquevedob · ‎12-12-2014

not all PCs will have DHCP configuration

Configure a different DHCP pool on a 1921 Router for a VLAN 2960 switch