Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
977
Views
0
Helpful
6
Replies

Need Assistance Setting up Multiple Vlans on a Catalyst 3560G for Test Lab with access to network

alenke
Level 1
Level 1

‎06-02-2015 08:12 AM - edited ‎03-08-2019 12:18 AM

Need Assistance Setting up Multiple Vlans on a Catalyst 3560G for Test Lab with access to network

I wasn't sure quite how to phrase this so I will explain here. My boss has tasked me with taking a Catalyst 3560G and creating a separate Vlan to connect our test lab to the network so that we can access it from our desks but still keep everything separate. I am complete noob when it comes to this sort of thing and I have watched tutorial after tutorial and read through a ton of forums but I still do not seem to have gotten anywhere. My boss is not knowledgeable about this as well

 

My work network is setup as 192.168.1.x (i got it like this) 

 

The router IP is 192.168.1.4 255.255.255.0 with a default gateway of 192.168.1.1

 

I set up a second Vlan as 10.10.1.1 255.255.255.0 

 

I set half the ports to Vlan 1 and the other half to Vlan 2 just for the purposes of setting this up. That I know how to change.

 

Here is the setup below.

 

VLAN Name                             Status    Ports

---- -------------------------------- --------- -------------------------------

1    default                          active    Gi0/1, Gi0/2, Gi0/3, Gi0/4

                                                Gi0/5, Gi0/6, Gi0/7, Gi0/8

                                                Gi0/9, Gi0/10, Gi0/11, Gi0/12

                                                Gi0/25, Gi0/26, Gi0/27, Gi0/28

2    TestLab                          active    Gi0/13, Gi0/14, Gi0/15, Gi0/16

                                                Gi0/17, Gi0/18, Gi0/19, Gi0/20

                                                Gi0/21, Gi0/22, Gi0/23, Gi0/24

1002 fddi-default                     act/unsup

1003 token-ring-default               act/unsup

1004 fddinet-default                  act/unsup

1005 trnet-default                    act/unsup

 

---- -------------------------------- --------- -------------------------------

Interface              IP-Address      OK? Method Status                Protocol

Vlan1                  192.168.1.4     YES TFTP   up                    up

Vlan2                  10.10.1.1       YES manual up                    up

Vlan3                  unassigned      YES manual up                    down

GigabitEthernet0/1     unassigned      YES unset  up                    up

GigabitEthernet0/2     unassigned      YES unset  down                  down

GigabitEthernet0/3     unassigned      YES unset  down                  down

GigabitEthernet0/4     unassigned      YES unset  down                  down

GigabitEthernet0/5     unassigned      YES unset  down                  down

GigabitEthernet0/6     unassigned      YES unset  down                  down

GigabitEthernet0/7     unassigned      YES unset  down                  down

GigabitEthernet0/8     unassigned      YES unset  down                  down

GigabitEthernet0/9     unassigned      YES unset  down                  down

GigabitEthernet0/10    unassigned      YES unset  down                  down

GigabitEthernet0/11    unassigned      YES unset  down                  down

GigabitEthernet0/12    unassigned      YES unset  down                  down

GigabitEthernet0/13    unassigned      YES unset  up                    up

GigabitEthernet0/14    unassigned      YES unset  down                  down

GigabitEthernet0/15    unassigned      YES unset  down                  down

GigabitEthernet0/16    unassigned      YES unset  down                  down

GigabitEthernet0/17    unassigned      YES unset  down                  down

GigabitEthernet0/18    unassigned      YES unset  down                  down

GigabitEthernet0/19    unassigned      YES unset  down                  down

GigabitEthernet0/20    unassigned      YES unset  down                  down

GigabitEthernet0/21    unassigned      YES unset  down                  down

GigabitEthernet0/22    unassigned      YES unset  down                  down

GigabitEthernet0/23    unassigned      YES unset  down                  down

GigabitEthernet0/24    unassigned      YES unset  down                  down

GigabitEthernet0/25    unassigned      YES unset  down                  down

GigabitEthernet0/26    unassigned      YES unset  down                  down

GigabitEthernet0/27    unassigned      YES unset  down                  down

GigabitEthernet0/28    unassigned      YES unset  down                  down

 

here is the ip route info (which i am sure is the root of the problem)

 

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

 

Gateway of last resort is 192.168.1.1 to network 0.0.0.0

 

     10.0.0.0/24 is subnetted, 1 subnets

C       10.10.1.0 is directly connected, Vlan2

C    192.168.1.0/24 is directly connected, Vlan1

S*   0.0.0.0/0 [1/0] via 192.168.1.1

 

The ultimate goal here is for the 10.10.1.x Vlan to have access to network resources and internet as well as be remotely accessible from our office computers on the 192.168.1.x Vlan

Any thoughts and suggestions on this would be greatly appreciated. 

Thanks!

Adam 

 

Labels:
0 Helpful
6 Replies 6

Mark Malone
VIP Alumni
VIP Alumni

‎06-02-2015 09:09 AM

Hi i think you need a router on stick setup here if i have picked that up right , check this doc below it explains how to set it up , sub-ints on router side with trunk on switch side , this will allow both to communicate fully , other than that ypou would neded an IGP running on each side

http://www.orbit-computer-solutions.com/How-to-Configure-Router-on-a-Stick-InterVLAN-Routing.php

0 Helpful

alenke
Level 1
Level 1
In response to Mark Malone

‎06-03-2015 10:44 AM

Maybe a better way to put this is that my production environment is 192.168.1.x and my test lab environment is 10.10.1.x.

How would I best connect the two networks with this 3560G switch so that I can have access between the two networks.

Sorry, I am thinking I have overcomplicated this. I also replied to the other comment as well that may provide some insight into my intentions.

0 Helpful

ITDude1128
Level 1
Level 1
In response to alenke

‎06-23-2015 11:48 AM

alenke where you able to get this set-up for yourself?  Mark's link would definitely help with the setup or you can go to youtube and lookup router on a stick and find multiple videos on this setup.   

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame

‎06-02-2015 01:58 PM

How is this switch connected to the router ie. did you connect it to a spare interface on the router ?

Presumably your production clients are on another switch ?

Do you want to use this switch for test and production connections ?

For something like this you really need L3 separation so ideally you would use this switch for test devices only and if you have a spare interface on your router you would connect the switch to that.

If you don't have a spare interface then how are you connecting this switch ie. is it going to connect to other production switches one of which connects to the router ?

Doing that is a bad idea because the last thing you want is to have test take down production which is why, at a minimum you should look to separate them at L3.

Mark's suggestion of subinterfaces may well be spot on but if you could provide some more details on the above we could recommend the best solution.

Jon

 

0 Helpful

alenke
Level 1
Level 1
In response to Jon Marshall

‎06-03-2015 10:34 AM

We only want to use this for test devices and possibly for imaging, no other reason. I just would like to be able to connect to our network resources for the images and drivers. We are setting up VM's in our test lab for the purposes of testing new software and for migrations. Also a place for our interns to learn in a non production environment.

I have connected this switch (currently in my office but will be in our test lab) to an available port on the production switch with the hopes that I can access the network resources and also that the switch can be reached from my office. The IP scheme of the test lab is to be 10.10.1.x

So if I am to understand best practices, what I should really be doing is  connecting 1 port to the production switch. That port would provide the access to the internet and network resources to my test lab switch. Could you recommend the best way to configure the switch so that gi0/1 would be connected to the production switch and the rest of the ports are configured to vlan2 which is the 10.10.1.1 255.255.255.0 and have all of the test lab switch ports have access to network resources and internet access?

I have no problem blowing this back to factory and starting again if that would be easier.

Thanks again for all of your help.

0 Helpful

Jon Marshall
Hall of Fame
Hall of Fame
In response to alenke

‎06-03-2015 11:54 AM

What is the production switch doing ie. it is L3 or do you simply use a router for that ?

If you use a router does it have any spare interfaces ?

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card