01-20-2018 11:46 AM - edited 03-08-2019 01:29 PM
Hay Guys,
currently i setup my first Cisco switch and have a Problem.
I go inside in the Cisco switch, with the following:
-> Buissnes Network (untagged)
-> Guest Network with VLAN40 tagged
on with way i can route the VLAN 40 Tagged Data from my Router over the Port 5 of the C2960S switch to Port 30 - 34. On this Ports i must have the untagged and the Tagged Data.
So i need on all Ports the Untagged VLAN, on the Ports 30 - 34 the Tagged VLAN 40 from the Router and the Untagged from the Router. My AP use the Tagged to route the Guest Portal.
Regards
Regards and THX
01-20-2018 11:57 AM
01-20-2018 12:01 PM
Hay,
sorry!
Now a litte better with an Image!
Input Eth5 from Cisco C2960S is connected to my Router that sends Untagged LAN 192.168.178.xxx with DHCP and Tagged VLAN 40 at IP 192.168.178.2.1 over this Cable.
Now i must Route to all Ports the Untagged IP 192.168.178.xxx and specialy to the Ports 30-34 the VLAN40 from my Router.
01-20-2018 12:08 PM
How your router is configured?
On your design, there's a server on untagged vlan 178.... Where is the default gateway of that subnet?
On the switch this server will be part of another vlan as the subnet is different for the one you called untagged and vlan 40. This means that if the default gateway is on the router, then you won't have 2 untagged vlan. Only 1 will be the native vlan and the other 2 tagged.
Let's assume your untagged router subnet will be vlan 10 on the switch and you also have vlan 40.
Below a quick sample of the Cisco switch config:
vlan 10
name UntaggedVlan
vlan 40
name VLAN040
!
interface g0/5
description Interface to Router
switchport mode trunk
switchport trunk allowed vlan 40
switchport trunk native vlan 10
!
interface range g0/30 - 35
description To APs
switchport mode trunk
switchport trunk allowed vlan 40
switchport trunk native vlan 10
!
01-20-2018 01:32 PM
Hay,
now i think i understand it better!
Is it required to set all Ports to Native VLAN 10 to have on all other Ports the untagged incommig IP Range 192.168.178.xxxx?
01-20-2018 05:04 PM
01-21-2018 02:31 PM
So now i Try the Config, i got the Buissnes Net (untagged) on all required Ports. Also i Configure Port 48 for direct Access to the Guest Network VLAN40.
But my Ports like 11 dont can handle Data on VLAN40, i get acces over the untagged Native VLAN but not over the Trunked VLAN 40
Port 1/0/17 is the Trunk in from my Router with the untagged Buissnes and the Guest VLAN with ID 40
Port 1/0/11 is a Accesspoint that requires Acces to the Buissnes net (untagged) this works and it requires the VLAN 40 Tagged packaged (also Tagged out on this Port). But it wont work :(
Her is my config
! interface GigabitEthernet1/0/11 description BIERGARTEN switchport trunk allowed vlan 40 end Name: Gi1/0/11 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: 40 Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none ! interface GigabitEthernet1/0/17 description TRUNK_PORT switchport trunk allowed vlan 40 end Name: Gi1/0/17 Switchport: Enabled Administrative Mode: dynamic auto Operational Mode: static access Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: native Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: 40 Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4 Gi1/0/5, Gi1/0/6, Gi1/0/7, Gi1/0/8 Gi1/0/9, Gi1/0/10, Gi1/0/11 Gi1/0/12, Gi1/0/13, Gi1/0/14 Gi1/0/15, Gi1/0/16, Gi1/0/17 Gi1/0/18, Gi1/0/19, Gi1/0/20 Gi1/0/21, Gi1/0/22, Gi1/0/23 Gi1/0/24, Gi1/0/25, Gi1/0/26 Gi1/0/27, Gi1/0/28, Gi1/0/29 Gi1/0/30, Gi1/0/31, Gi1/0/32 Gi1/0/33, Gi1/0/34, Gi1/0/35 Gi1/0/36, Gi1/0/37, Gi1/0/38 Gi1/0/39, Gi1/0/40, Gi1/0/41 Gi1/0/42, Gi1/0/43, Gi1/0/44 Gi1/0/45, Gi1/0/46, Gi1/0/47 Gi1/0/49, Gi1/0/50, Gi1/0/51 Gi1/0/52 40 Guest active Gi1/0/48 1002 fddi-default act/unsup 1003 token-ring-default act/unsup
01-21-2018 02:47 PM
01-21-2018 03:14 PM
Hay,
on Port 11 i have acces to the Managment Interface of the Accesspoint in the untagged Network (192.168.178.10), but no Access to the Tagged network (VLAN40) if i connect a "unmanaged" switch betwen the Router and the Accespoint, all works fine, the Cisco blocks the Traffic / dont send the traffic to him :( i have mor ports that have the same Problem
But i can Acces the VALN40 on Port 48, its configured as Static Acces to this VLAN.
Attached you see the Config of the Router and the Accespoint, this Config works the last 2 Years without the C2960S well...
01-21-2018 03:37 PM
01-22-2018 01:20 AM
Hay,
so the Router (second Image) has on VLAN3 the Config for the Tagged VLAN.
The System Works fine with an Unmanaged Netgear GS108 Switch. Only the Cisco switch dont pass the Data!
The Wireless Config from this Picture is only for the Integrated Wifi of the Router and dosent depends on this Wired Soulution / Problem.
The Cisco is Connected to Port 2, its on the Cisco the 1/0/17 Port. The Cisco Received the Tagged Data, i configure the Port 48 with Static Acces and get an IP and can communicate with this Subnet. So i think the Data are missing to the trunk ports
GigabitEthernet1/0/48 is down, line protocol is down (notconnect) Hardware is Gigabit Ethernet, address is a0cf.5b85.cbb0 (bia a0cf.5b85.cbb0) Description: VLAN40_ACCES MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Auto-duplex, Auto-speed, media type is 10/100/1000BaseTX input flow-control is off, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input never, output 12:29:02, output hang never Last clearing of "show interface" counters never Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 12376 packets input, 1472121 bytes, 0 no buffer Received 8253 broadcasts (765 multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 765 multicast, 0 pause input 0 input packets with dribble condition detected 7182 packets output, 2547056 bytes, 0 underruns 0 output errors, 0 collisions, 1 interface resets 0 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out Name: Gi1/0/48 Switchport: Enabled Administrative Mode: static access Operational Mode: down Administrative Trunking Encapsulation: dot1q Negotiation of Trunking: Off Access Mode VLAN: 40 (Guest) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk associations: none Administrative private-vlan trunk mappings: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none
01-22-2018 05:09 AM
01-22-2018 05:18 AM
01-22-2018 05:53 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide