Solved: Network setup SG300-10

nickreid90 · ‎01-01-2016

Good Evening,

I have a Cisco SG300-10 managed switch with three VLAN's configured

VLAN 10 - Guest network 192.168.10.1 255.255.255.0

VLAN 20 - Home network 192.168.20.1 255.255.255.0

VLAN 24 - Test lab network 192.168.24.1 255.255.255.0

I have assigned the VLAN's to some interfaces on the cisco.

I have my fibre internet connection configured on int 0 of my WatchGuard firewall. Int 1 on my firewall has an IP setup of 10.0.1.1/24 with DHCP enabled.

I currently have a cable from interface1 on the cisco going to interface 1 on the WatchGuard. I understand a static route and default gateways needs to configured on the cisco and VLAN's in order for the internet to pass through. As i'm unsure on how to do this and don't quite understand the concept I would really appreciate it if someone could help me?

Many Thanks,

Nick

Philip D'Ath · ‎01-02-2016

Yes I like the Catalyst switches.

ip routing

interface Gigabit0/0

no switchport

ip address 10.0.1.2 255.255.255.0

ip route 0.0.0.0 0.0.0.0 10.0.1.1

interface vlan 10

ip address 192.168.10.1 255.255.255.0

ip helper-address <dhcp server>

interface vlan 20

ip address 192.168.20.1 255.255.255.0

ip helper-address <dhcp server>

interface vlan 24

ip address 192.168.24.1 255.255.255.0

ip helper-address <dhcp server>

View solution in original post

Philip D'Ath · ‎01-02-2016

I will try.

View solution in original post

Philip D'Ath · ‎01-01-2016

I don't think the SG300 is a layer 3 switch, so there is no need for routing on that side.

Do you have three spare ports on your SG300?

If so, probably the easiest solution is to setup three interfaces on your watch guard, Guest, Home and Test using the IP address you have given. Then setup three access ports on your SG300 for the same VLANs, and plug the three firewall interfaces into your three switch interfaces.

If you are low on ports than you are going to need to configure VLAN trunking if the watch guard supports this.

The watchguard will be doing all the DHCP and routing.

nickreid90 · ‎01-02-2016

Hi P.dath

The SG300-10 does support Layer 3. I forgot to mention on my first post that I have the switch in this mode.

I would be very great full if you could assist me with the commands for the routing as I want to achieve the routing through the Cisco?

Many Thanks,

nick

Philip D'Ath · ‎01-02-2016

Well that does make life easier. Can you make a port "no switchport" and put an IP address on it directly? If so configure the Watchguard to use this port.

Otherwise add an extra VLAN for connecting to the Watchguard and assign it to a power as an access port.

nickreid90 · ‎01-02-2016

For example if I set ge1 to "no switchport" and set an IP address on the same range as my Watchguard like 10.0.1.2?

Currently my Watchguard is on 10.0.1.1

I did try assigning a port last night but found no success. Would you be able to provide me the commands?

thank you for your prompt replies

thanks

nick

Philip D'Ath · ‎01-02-2016

That is the right idea. I'm not familiar with that series to give you the commands alas.

The SG300 will also need a default route via the Watchguard (10.0.1.1).

The Watchguard all also need routes for 192.168.10.0/24, 192.168.20.0/24 and 192.168.24.0/24 via 10.0.1.2.

nickreid90 · ‎01-02-2016

You have just confirmed to me what I have been trying to do all along so I'm glad I was going down the right route.

Are you a Catalyst man? if so please let me know the CLI commands and I'm sure I will be able to work it out?

Thanks,

Nick

Philip D'Ath · ‎01-02-2016

Yes I like the Catalyst switches.

ip routing

interface Gigabit0/0

no switchport

ip address 10.0.1.2 255.255.255.0

ip route 0.0.0.0 0.0.0.0 10.0.1.1

interface vlan 10

ip address 192.168.10.1 255.255.255.0

ip helper-address <dhcp server>

interface vlan 20

ip address 192.168.20.1 255.255.255.0

ip helper-address <dhcp server>

interface vlan 24

ip address 192.168.24.1 255.255.255.0

ip helper-address <dhcp server>

nickreid90 · ‎01-02-2016

These commands make sense I should be able to ajust them a little to work on my SG300-10.

If I get stuck are you happy for me to reply on this thread?

Thanks again

Nick

Philip D'Ath · ‎01-02-2016

I will try.

nickreid90 · ‎01-12-2016

I managed to suss it out Thanks for your help