Re: Setting Up a Cisco 3750G switch for a physical and a virtual network on separate VLANs

ServerOps · ‎10-30-2020

We are reconfiguring our networks and I have yet to work with our switches (or any for that matter). The cisco guides are pretty straight forward but have proven to not be particularly helpful in this case.

We have 3 esxi servers running VMWare and 3 networks. Network 1 is running off a netgear router and I have no issue configuring that network in VLAN 2 on our Cisco 3750G switch for the ports I want to be affiliated with that netowork. Network 2 is also on a netgear router and the only thing its connected to is our 3 esxi hosts. That network is then put through an IPFire firewall VM on host 1 and the backend of that firewall is network 3. In order for VMs to communicate across esxi hosts on network 3 we had to assign network 3 a NIC on each server machine and connect them via a physical switch. We used a Cisco Small business SG-100D 08 and from first plugin the esxi host were all communicating across network 3, no issue. When I set up VLAN 1 on the 3750G however, network 3 is not reaching esxi host 2 and 3, meaning any VMs running on them arent connected to the network.

My question is this, why does the small business switch work right off the bat and I can't get the 3750G to connect the host? Is there a way to get it to work? Even with IP routing, I can't ping the switch IP from esxi 1 which makes it seem like the router and the switch don't even see each other. We can use the Small Business switch if the 3750G doesn't work but it's not ideal.

Joseph W. Doherty · ‎10-30-2020

The 3750G will not transfer traffic between VLANs unless it's running in routing mode (I recall it defaults to non-routing mode) and you have SVIs for the VLANs. (Actually, in routing mode, the 3750G, in conjunction with other devices, doesn't need SVIs, but it's a bit unclear, to me, what's your network topology, so I mention the SVI approach. I.e. SVIs may not be required, but to route on the 3750G, it does need to be in routing mode [configured with "ip routing"].)

I don't know the defaults for Cisco SMB switches or even, without researching them, know if they are L2 or L2/L3.

paul driver · ‎10-30-2020

Hello
SG-100D 08 <> 3750G - Have tried changing the speed/duplex setting on the 3750G switchports?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Richard Burts · ‎10-31-2020

I am not clear about the topology in this situation. The original post is fairly clear about Network 1 being in vlan 2. There is a network 2 and it is described as being on netgear router and 3 esxi hosts but it is not clear if this also connects to 3750 and if so in what vlan? We are told that network 2 is put through a firewall and on the backend becomes Network 3. Each host has a nic for network 3 which are connected using SG-100D (am I correct to assume that this would be in vlan 1?). We are then told that when vlan 1 is used on 3750 that network 3 has connectivity issues. But we are not told what is using vlan 1 on the 3750. If we could get some clarification about these relationships perhaps we could better identify the problem. Based on the limited information we have at this point my best guess is that there is a spanning tree issue when vlan 1 from SG-100D is connected to vlan 1 on 3750.

HTH

Rick

ServerOps · ‎11-09-2020

I apologize for late response. Let me do my best to clarify, I made up this quick chart of what it should roughly look like.

The SG-100D was being used in the same capacity that VLAN 1 would hopefully be used in. The idea is not using the SG-100D and using the 3750.

The other thing is we don't want the switch managed off of network 3 which is why we have network 1 on the switch. For context, this is for a pen testing learning lab and we just don't want the switch management accessible to Kali.