Solved: Re: Create an ip routing from a vlan in CISCO 2960 PS-L

hamid1 · ‎02-08-2019

Hello community,

I have a switch CISCO (2960 PS-L) with 15.5 iOS version.

I want to create multiple VLANs to deal against arp spoofing in my Hotel (Reduce the risk in each floor)

So when i finish creating VLANs i can‘t use ip routing commande (not supported in this iOS version).

Someone here in the Forum recommanded to make a downgrade to 12.2 version that support ip routing.

So i downloaded the bin image but when i started coping the image in the flash

>> copy tftp://192.168.0.100/c2960s-universalk9-mz.SE13.bin flash:

I catch this error :

~~ Error openning tftp:/192.168.0.100/c2960s-universalk9-mz.SE13.bin (Socket error)

My questions:

- Could i connect my Vlans to the interface connected to my router without making ip routing statut? And if yes, what is the command?

- If not, wich real version support ip routing and can be installed without any problem in my appliance?

- What is the fixation of my last error ~~ ?

Jaderson Pessoa · ‎02-08-2019

Could i connect my Vlans to the interface connected to my router without making ip routing statut? And if yes, what is the command?
R: You can do it using encapsulation dot1q in your router in sub-interfaces.
more information about: https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/n5k/commands/encapsulation-dot1q.html

If not, wich real version support ip routing and can be installed without any problem in my appliance?
R: 2960 with IOS 12.2(55)SE installed, you can perform limited (static & default) routing only. The switch does not support any routing protocols.

What is the fixation of my last error ~~ ?
R: Its appear the tftp server not working, try reconfigure it.

Otherwise, change the SDM on your switch.

sdm prefer lanbase-routing >> reload your switch.

ip routing >> check if it its working.

Jaderson Pessoa
*** Rate All Helpful Responses ***

View solution in original post

Jaderson Pessoa · ‎02-08-2019

Could i connect my Vlans to the interface connected to my router without making ip routing statut? And if yes, what is the command?
R: You can do it using encapsulation dot1q in your router in sub-interfaces.
more information about: https://www.cisco.com/c/m/en_us/techdoc/dc/reference/cli/n5k/commands/encapsulation-dot1q.html

If not, wich real version support ip routing and can be installed without any problem in my appliance?
R: 2960 with IOS 12.2(55)SE installed, you can perform limited (static & default) routing only. The switch does not support any routing protocols.

What is the fixation of my last error ~~ ?
R: Its appear the tftp server not working, try reconfigure it.

Otherwise, change the SDM on your switch.

sdm prefer lanbase-routing >> reload your switch.

ip routing >> check if it its working.

Jaderson Pessoa
*** Rate All Helpful Responses ***

hamid1 · ‎02-08-2019

Many thanks Jaderson, i‘ll try this and come back to make my feedback

Jaderson Pessoa · ‎02-08-2019

i'm waiting for it.

good lucky.

Jaderson Pessoa
*** Rate All Helpful Responses ***

hamid1 · ‎02-08-2019

ip routing is successfuly enabled due to your last recommandation (SDM).

So now i want to route between each VLAN and my Gi0/1/24 (Router ADSL). Wich command i must type ?

Jaderson Pessoa · ‎02-08-2019

I dont understaood your question.

If you want router all of your vlans to internet (ADSL) you must insert: ip route 0.0.0.0 0.0.0.0 1.1.1.1 (ip of your adsl router).

Dont forget mark it as help and solved :D

Thanks in advance

Jaderson Pessoa
*** Rate All Helpful Responses ***

hamid1 · ‎02-08-2019

Done for (Dont forget mark it as help and solved :D)
==========
>> ip route 0.0.0.0 0.0.0.0 192.168.0.1
did not connecte my VLans to my router :/

See my running config in pics

Jaderson Pessoa · ‎02-08-2019

Oh.. now i unsderstood your question earlier.

Let me do a question: All of this vlans has the same ip address net? If yes.
insert it on interface Gi0/1/24
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan all

If no: Which device will manager routing between this networks SWITCH or ADSL Router?

If you just need connect your switch with your adsl, try it:

interface vlan 1

ip address 192.168.0.2 255.255.255.0 (check if this address is disponible.)

no shutdown

Jaderson Pessoa
*** Rate All Helpful Responses ***

hamid1 · ‎02-08-2019

Okay, to be more clearer, this is my network architecture:

4 VLans each one with its own address range

1 Gateway to internet.

VLans must be isolated

(See the pic)

Jaderson Pessoa · ‎02-08-2019

Thats awesome.
try this configuration below.

interface vlan 10
ip address 192.168.10.1 255.255.255.0
descrition FLOOR1
no shutdown

interface vlan 20
ip address 192.168.20.1 255.255.255.0
description FLOOR2
no shutdown

interface vlan 30
ip address 192.168.30.1 255.255.255.0
description FLOOR3
no shutdown

interface vlan 40
ip addess 192.168.40.1 255.255.255.0
description FLOOR4
no shutdown

interface vlan 1
ip address 192.168.0.2 255.255.255.0
description LINK_TO_ADSL
no shutdown

interface gi 0/1/24

switchport mode trunk
swtichport trunk allowed vlan 1,10,20,30,40

ip route 0.0.0.0 0.0.0.0 192.168.0.1

you need create rules on adsl router to allowed theses vlans for internet.
like acl, nat, pbr or something like it.

Jaderson Pessoa
*** Rate All Helpful Responses ***