cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1548
Views
0
Helpful
2
Replies

Having Trouble Splitting Network Into Multiple VLANS

rvdsabu4life
Level 1
Level 1

Currently we have a single VLAN (10.0.0.x) split over a T1 connection.  That is, two locations on the same subnet.  I can provide the list of network hardware if needed.

We have 2 WAN connections at each office.  In both locations the T1 router is a 3COM VPN Firewall Router.  The Comcast connection is a Sonicwall TZ210.

We bought a 2960 switch in order to split location A.  I configured the switch with IP 10.0.0.200 VLAN1 and IP 10.0.1.200 VLAN2.  That switch gets its VLAN2 address from the X1 port of the Sonicwall.  The 3COM is connected to the new switch as well.

I can plug a computer in the switch and it can see all the other computers on VLAN2 but only HALF of VLAN1.  The half of VLAN1 in location A, not Location B.  Currently as it stands, with a flat VLAN, we can see all the computers from both locations.  That is what I am trying to do now.

Here is my config from the new switch:

2960-48-01#sh conf
Using 3854 out of 524288 bytes
!
version 12.2
service config
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 2960-48-01
!
boot-start-marker
boot-end-marker
!

!
!
!
no aaa new-model
authentication mac-move permit
ip subnet-zero
!
!
!
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 3 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 2 4
mls qos srr-queue output cos-map queue 4 threshold 2 1
mls qos srr-queue output cos-map queue 4 threshold 3 0
mls qos
!
crypto pki trustpoint HTTPS_SS_CERT_KEYPAIR
enrollment selfsigned
serial-number
revocation-check none
rsakeypair HTTPS_SS_CERT_KEYPAIR
!
!
crypto pki certificate chain HTTPS_SS_CERT_KEYPAIR
certificate self-signed 01 nvram:896C8E80host#2E2E.cer
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree etherchannel guard misconfig
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
interface FastEthernet0
no ip address
shutdown
!
interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/3
switchport access vlan 3
switchport mode access
!
interface GigabitEthernet0/4
switchport mode trunk
mls qos trust cos
macro description cisco-router
spanning-tree portfast trunk
spanning-tree bpduguard enable
!
interface GigabitEthernet0/5
!
interface GigabitEthernet0/6
!
interface GigabitEthernet0/7
!
interface GigabitEthernet0/8
!
interface GigabitEthernet0/9
!
interface GigabitEthernet0/10
!
interface GigabitEthernet0/11
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/12
!
interface GigabitEthernet0/13
!
interface GigabitEthernet0/14
!
interface GigabitEthernet0/15
!
interface GigabitEthernet0/16
!
interface GigabitEthernet0/17
!
interface GigabitEthernet0/18
!
interface GigabitEthernet0/19
!
interface GigabitEthernet0/20
!
interface GigabitEthernet0/21
!
interface GigabitEthernet0/22
!
interface GigabitEthernet0/23
!
interface GigabitEthernet0/24
!
interface GigabitEthernet0/25
!
interface GigabitEthernet0/26
!
interface GigabitEthernet0/27
!
interface GigabitEthernet0/28
!
interface GigabitEthernet0/29
!
interface GigabitEthernet0/30
!
interface GigabitEthernet0/31
!
interface GigabitEthernet0/32
!
interface GigabitEthernet0/33
!
interface GigabitEthernet0/34
!
interface GigabitEthernet0/35
!
interface GigabitEthernet0/36
!
interface GigabitEthernet0/37
!
interface GigabitEthernet0/38
!
interface GigabitEthernet0/39
!
interface GigabitEthernet0/40
!
interface GigabitEthernet0/41
!
interface GigabitEthernet0/42
!
interface GigabitEthernet0/43
!
interface GigabitEthernet0/44
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/45
!
interface GigabitEthernet0/46
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet0/47
!
interface GigabitEthernet0/48
switchport access vlan 2
switchport trunk native vlan 2
switchport mode access
switchport port-security
switchport port-security aging time 2
switchport port-security violation restrict
switchport port-security aging type inactivity
macro description cisco-desktop
spanning-tree portfast
spanning-tree bpduguard enable
!
interface GigabitEthernet0/49
!
interface GigabitEthernet0/50
!
interface Vlan1
ip address 10.0.0.200 255.255.255.0
!
interface Vlan2
ip address 10.0.1.200 255.255.255.0
ip helper-address 10.0.0.10
!
interface Vlan3
ip address 10.0.2.200 255.255.255.0
!
ip http server
ip http secure-server
snmp-server community public RO
!
!
line con 0
line vty 0 4

login
line vty 5 15

login
!
end

Port 1 is plugged into the old switch

Port 2 is VLAN2

Port 3 is TEST VLAN3

Port 4 is from the T1 router

Port 48 is from the Sonicwall


Everything else is a desktop.

Any idea what I am doing wrong?

2 Replies 2

dalamdiz
Level 1
Level 1

interface GigabitEthernet0/48
switchport access vlan 2
switchport trunk native vlan 2
switchport mode access

Try setting it to:

switchport mode trunk

Also, make sure the Sonicwall port is setup to allow access from both VLANS.

Tried that, did not work.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco