Solved: Network Configuration Problem

krishna das · ‎11-25-2015

Hi team

Iam new one in this side. I have 3750G series 24-ports cisco switch, microsoft 2008 server. i need to know about how to configure on cisco switch with multiple vlans. DHCp are comming from Microsoft server with multiple DHCP scope for each vlan. So how i configure multiple vlans on specified switch here.

iam giving vlans

vlan 10 management

vlan 20 voip

vlan 30 users

ipaddress range 192.168.10.0/24 for vlan 10

ipaddress range 192.168.20.0/24 for vlan 20

ipaddress range 192.168.30.0/24 for vlan 30

i also needto know about how communication possible from switch to Microsoft Server 2008 and its switch configuration.Rough figure of my pan are given here.please go through on it.

Please help me.

Masoud Pourshabanian · ‎11-25-2015

Hello,

This is a basic configuration. Fell free to ask more questions.

3750

***************************************************

vlan 10
name managment
vlan 20
name voip
vlan 30
name users
vlan 40
name servers

interface vlan 10
ip address 192.168.10.1 255.255.255.0
ip helper-address [dhcp IP address]

interface vlan 20
ip address 192.168.20.1 255.255.255.0
ip helper-address [dhcp IP address]

interface vlan 30
ip address 192.168.30.1 255.255.255.0
ip helper-address [dhcp IP address]

int vlan 40
ip address 192.168.40.1 255.255.255.0 // you can change it depending on the ip of DHCP server

int fast0/5
des DHCP server
switch port access vlan 40

ip routing
ip route 0.0.0.0 0.0.0.0 [ip address of firewall]

int fast 0/22
no switchport
ip address [ IP in the same range of your modem] or ip address dhcp

int fa0/23
des Connect to switch
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10 30

int fa0/24
des Connect to switch
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10 30

int range f0/1-12
des Connect to voip
switchport access vlan 20

**********************************************************************
Switch1

vlan 10
name managment
vlan 30
name users

int vlan 10
ip address 192.168.10.2 255.255.255.0

ip default-gateway 192.168.10.1

int fa0/24
des Connect to 3750
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10 30

int fa0/0
des Connect to client
switchport access vlan 30

int fa0/1
des Connect to client
switchport access vlan 30
**************************************
Switch2

vlan 10
name managment
vlan 30
name users

int vlan 10
ip address 192.168.10.3 255.255.255.0

ip default-gateway 192.168.10.1

int fa0/24
des Connect to 3750
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan

int fa0/1
des Connect to client
switchport access vlan 30

int fa0/2
des Connect to client
switchport access vlan 30

**********************************************

You need to set ip and default gateway for all clients and VOIP devices and servers

Hope it helps,

Masoud

View solution in original post

Masoud Pourshabanian · ‎11-25-2015

Adding to my previous comment

For SSH connectivity.

*****************************

IP domain-name Cisco.com

IP ssh version 2

username cisco passwork cisco

Crypto key generaye RSA [ press enter for questions]

line VTY 0 4

login local

transport input SSH [telnet if needed]

Masoud

View solution in original post

Masoud Pourshabanian · ‎11-25-2015

Hello,

This is a basic configuration. Fell free to ask more questions.

3750

***************************************************

vlan 10
name managment
vlan 20
name voip
vlan 30
name users
vlan 40
name servers

interface vlan 10
ip address 192.168.10.1 255.255.255.0
ip helper-address [dhcp IP address]

interface vlan 20
ip address 192.168.20.1 255.255.255.0
ip helper-address [dhcp IP address]

interface vlan 30
ip address 192.168.30.1 255.255.255.0
ip helper-address [dhcp IP address]

int vlan 40
ip address 192.168.40.1 255.255.255.0 // you can change it depending on the ip of DHCP server

int fast0/5
des DHCP server
switch port access vlan 40

ip routing
ip route 0.0.0.0 0.0.0.0 [ip address of firewall]

int fast 0/22
no switchport
ip address [ IP in the same range of your modem] or ip address dhcp

int fa0/23
des Connect to switch
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10 30

int fa0/24
des Connect to switch
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10 30

int range f0/1-12
des Connect to voip
switchport access vlan 20

**********************************************************************
Switch1

vlan 10
name managment
vlan 30
name users

int vlan 10
ip address 192.168.10.2 255.255.255.0

ip default-gateway 192.168.10.1

int fa0/24
des Connect to 3750
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 10 30

int fa0/0
des Connect to client
switchport access vlan 30

int fa0/1
des Connect to client
switchport access vlan 30
**************************************
Switch2

vlan 10
name managment
vlan 30
name users

int vlan 10
ip address 192.168.10.3 255.255.255.0

ip default-gateway 192.168.10.1

int fa0/24
des Connect to 3750
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk allowed vlan

int fa0/1
des Connect to client
switchport access vlan 30

int fa0/2
des Connect to client
switchport access vlan 30

**********************************************

You need to set ip and default gateway for all clients and VOIP devices and servers

Hope it helps,

Masoud

krishna das · ‎11-25-2015

Thank You so much Masoud.

But one doubt all dhcp configured for vlans from windows 2008 server will automatically come inside cisco switch 3750G, when i create as you mentioned on inter fas 0/5. If it is needed to change no switch port with ip address.

Masoud Pourshabanian · ‎11-25-2015

Yes, you can. Both ways work.

int fa0/5

no switchport

ip address [used for gateway of DHCP server]

You do not need VLAN 40 anymore .

Thanks for rating.

Masoud

krishna das · ‎11-25-2015

Thank you.

If you don't mind what about outgoing connection routing to internet from those vlans end devices.where i configured that?.And i need some restriction for these vlan communication. For example Vlan 10 has all access in vlan 20 and 30, but vlan 20 and 30 has no access on management network(vlan 10).what we do for that purpose.

Masoud Pourshabanian · ‎11-25-2015

You are welcome.

ip routing
ip route 0.0.0.0 0.0.0.0 [ip address of firewall]

int fast 0/22

descreption connect to firewall
no switchport
ip address [ IP in the same range of your firewall] or ip address dhcp

If your endpoint devices have gateway, with the commands above they will route to the modem. Make sure your modem works for all subnets(Policy and NAT are configured correctly).

I am working on your second question. I will get back to you in a moment

Masoud

krishna das · ‎11-25-2015

Thnaks Masoud and Paul.

After i check. i will update. Again thanks for your valubale time.

Masoud Pourshabanian · ‎11-25-2015

You are welcome. Glad to help. Just do not forget to set "ip routing" command on 3750 and also check connectivity segment by segment. For example, ping 192.168.10.1(SVI) from 192.168.10.2 and ping 192.168.20.1(SVI) from 192.168.20.2 and repeat it for others subnets too.

Be waiting for you feedback.

Masoud

krishna das · ‎11-25-2015

Thank you.

Sure, after complete i will update.

krishna das · ‎12-08-2015

Thanks for advance.

I have doubt.

my Firewall ip 10.20.30.1

My dhcpserver IP 10.20.30.5. Under these dhcp server i created below dhcp pool.its on 2012 windows server.

My other dhcp pools are 10.20.40.10 10.20.40.100

My other dhcp pools are 10.20.50.10 10.20.50.100

Please which ip should i configured on the switch for geting above all dhcp pool on the switch.is it any ip range of dhcpserver?

Masoud Pourshabanian · ‎12-08-2015

Your dhcp server is behind the firewall?

On switch,under all interface VLANs, you need to configure,

Ip helper-address 10.20.30.5

Make sure you permit access to 10.20.30 5 on firewall if dhcp is behind the firewall.

Let me know if I understood your question correctly. Your last configuration and sketch of your topology would be helpful,

Masoud

krishna das · ‎12-08-2015

Thanks Masoud.

Yes DHCP server behind firewall.

Sure.

Thanks lot.

krishna das · ‎12-10-2015

Hello Team.

Please help.

I am not getting DHCP IP from windos2012 to 3750G switch.I created dhcp relay agent on windows 2012.DHCPserver ip 10.20.30.9 and port which I connect that server to switch 3/0/24,its ip is 10.20.30.199.

Then I created vlan

vlan 10
name management

interface vlan 10
ip address 10.27.130.1 255.255.255.0
ip helper-address 10.20.30.9

interface range GigabitEthernet 3/0/1-12

switchport mode access

switchport access vlan 10

Then I connected 3/0/1 to a laptop and assign it dhcp. i cant get dhcp ip for that laptop

Ping from port 3/0/24 to dhcp server ip ok, because these are in same range.

Please help me. why I cant get dhcp for laptop which connected that switch. i also changed desktop also. If there is any misconfiguration.

Thanks for advance.

Masoud Pourshabanian · ‎12-10-2015

Hello,

Does your dhcp server have default gateway?

Can you

ping 10.20.30.9 source 10.27.130.1

Windows firewall is off on dhcp server?

krishna das · ‎12-10-2015

No, DHCP server have not default gateway. DHCP server directly connected to switch port 3/0/24.I didn't check that ping, tomorrow only I can check. Windows firewall is off in DHCP server. There is any other problem on my configuration.

Thanks for your replay