Solved: layer 2 switch vlan and sub-interfaces on router ip addresses

John Cheetley · ‎09-21-2016

Hi cisco techs,

Have searched for some knowledge articles on cisco but some aren't conclusive

Does the IP address on layer 2 switch vlans have to match the ip address on teh sub-interfaces on a cisco router for a router on stick scenario please?

Reza Sharifi · ‎09-21-2016

If the switch is layer-2 than the only thing you need is an SVI with IP for management only. For all the other vlans the switch does not need any IP. You just need a trunk on the switch say with vlan 10,20, and 30 and you need a corresponding sub-interface for each on the router with IP. If in this example vlan 10 is for management you need an SVI on the switch with IP address being on the same segment as the router.

HTH

View solution in original post

Reza Sharifi · ‎09-21-2016

If the switch is layer-2 than the only thing you need is an SVI with IP for management only. For all the other vlans the switch does not need any IP. You just need a trunk on the switch say with vlan 10,20, and 30 and you need a corresponding sub-interface for each on the router with IP. If in this example vlan 10 is for management you need an SVI on the switch with IP address being on the same segment as the router.

HTH

John Cheetley · ‎09-22-2016

Thanks for your response Reza.

OH. I placed separate IP address for both data and voice vlan

And used this on the router side.

Placed in nat outside on one fa port connected to default gateway modem/router and ip nat inside on the trunkport side connecting the router to the switch

If you don't mind, I would like to sent you a copy of config. If that's alright.

Reza Sharifi · ‎09-22-2016

Sure. Just post "sh run" from the switch and the router, so we can take a look.

HTH

John Cheetley · ‎09-22-2016

Added as requested. Thanks

ahmedshoaib · ‎09-22-2016

Hi John;

Your internet modem is connected where? either on L2 switch or directly on Router F0/0. & L2 switch is connected to which port of router?

Thanks & Best regards;

John Cheetley · ‎09-23-2016

Hi Ahmedshoaib,

Thanks for your reply.

Internet modem connected to fa0/0 cisco router and fa0/1 connects to port 24 on L2 switch via trunk

ahmedshoaib · ‎09-23-2016

Hi John;

Then you need to modify the following configuration:

Switch-Configuration:

interface FastEthernet0/24
 no switchport access vlan 24

Note: At a given time switchport either access or trunk. In your case it should be trunk port.

CME-Router Configuration:

ip dhcp pool Data_Scope
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1
   dns-server 8.8.8.8 4.2.2.2
!
ip dhcp pool Voice_Scope
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1
   dns-server 8.8.8.8 4.2.2.2
   option 150 ip 192.168.0.12

no interface FastEthernet0/0.1
no interface FastEthernet0/0.2
interface FastEthernet 0/0
 ip nat outside

interface FastEthernet0/1
 no ip address
 no shutdown
!
interface FastEthernet0/1.2
 description Data vlan 20
 encapsulation dot1Q 2
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
!
interface FastEthernet0/1.3
 description Voice vlan 30
 encapsulation dot1Q 3
 ip address 192.168.2.1 255.255.255.0
 ip nat inside
!
no ip route 192.168.0.0 255.255.255.0 192.168.0.1
no ip route 192.168.2.1 255.255.255.255 192.168.0.1
Note: not required the static route for 192.168.0.0 & 192.168.2.0 due to these are local route for router.

access-list 10 permit 192.168.1.0 0.0.0.255
access-list 10 permit 192.168.2.0 0.0.0.255

no ip nat inside source list 1 interface FastEthernet0/1 overload
ip nat inside source list 10 interface FastEthernet0/0 overload

Thanks & Best regards;

John Cheetley · ‎09-24-2016

Thanks ahmedshoaib,

Apologies for not responding earlier.

Will implement tonight and let you know

John Cheetley · ‎10-01-2016

Hi ahmedshoaib

Thanks for your patience. Am waiting for my telnet to die out as I had "unwittingly" set exec-timeout to a large number for the minutes. Once I can re-establish connection to the router I will update with your suggestions and happily let you know.

Thanks again :) :)

John Cheetley · ‎10-15-2016

Hi Ahmedshoaib,

Sorry about not responding yet. Had lots of troubles with telnet. Trying to get your thoughts implemented tonight. Thanks again.

John Cheetley · ‎10-01-2016

Thanks Reza for your assistance. Have I supplied you with the that information yet ?