Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
9088
Views
0
Helpful
8
Replies

SG500 VLAN inter vlan routing

jdurrence
Level 1
Level 1

‎02-12-2013 02:13 PM - edited ‎03-07-2019 11:40 AM

We are installing a Mitel VoIP system.  The switch is in layer 3 mode.   My data is currently on VLAN 1, untagged and PVID 1 (10.10.1.0/24).  In preparation for the new VoIP, I setup a VLAN 30.   It is VLAN 30, tagged (10.10.2.0/24).  The ports are in trunk mode, Voice VLAN is set to 30.  When I check a port it is listed as 1UP, 30T.  This works for the phones, but the routing between VLANs does not work.   I've setup the interfaces as 10.10.1.1 and 10.10.2.1.  From the SG500, it can ping both interfaces.  I can also ping both interfaces from a computer on either VLAN, but nothing beyond that.  I.E.   I have a laptop on VLAN 30 that can ping both VLAN interfaces but not ping a computer on VLAN 1.   Also, I can ping both interfaces from a computer on VLAN 1, but not the laptop on VLAN 30.  So thru my testing I have found if I change the port the laptop is on:

Vlan1 = excluded

Vlan30 = Untagged, PVID

I can ping the laptop from the computer on Vlan1

I can ping from the laptop to the VLan30 interface

Change it to:

Vlan1 = untagged, PVID

Vlan30 = tagged

I can no longer ping the laptop from the computer on Vlan1

I can no longer ping from the laptop to the Vlan30 interface.

I guess my question is that I've used VLANs before, but all traffic was untagged, just used different subnets and the SG500 could inter route just fine.  Now that one VLAN has untagged traffic (data) and the other VLAN has tagged traffic (Voice), the SG500 seems to not be able to route the traffic across the two VLANs.   The Mitel controller is on the VLAN 30 side and I need to use a web browser on the VLAN 1 side to http into the admin portal.   I'm not sure if this is the way tagged and untagged VLANs are suppose to work vs. multiple VLANs with all traffic untagged.   I need to be able to use QoS on the voice traffic, but I guess it doesn't have to be on another VLAN.   Just trying to follow best practice.

Any one have suggesstions.

Labels:
0 Helpful
8 Replies 8

Tom Watts
VIP Alumni
VIP Alumni

‎02-12-2013 05:43 PM

Hi Jdurrence, can you do a trace route from computer A in vlan 1 to computer B in vlan 2? This should complete with 1 hop.

Let me know the result (assuming you do not have firewalls on the computers blocking anything)

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

jdurrence
Level 1
Level 1
In response to Tom Watts

‎02-12-2013 07:17 PM

When I ping it, the first hop is from the VLAN1 interface, there is not a 2nd hop, but on line two, it says 10.10.1.1 reports:

destination host unreachable.

0 Helpful

Tom Watts
VIP Alumni
VIP Alumni
In response to jdurrence

‎02-13-2013 04:23 AM

Hi J, Are you running 1.2.7.76 firmware?

Can you please post a snapshot of the configuration of the switch and also a snapshot of the configuration of both computers NIC?

The switch configuration should be something like

config t

vlan database

vlan 30

int vlan 1

ip address 192.168.1.254 /24

int vlan 30

ip address 192.168.2.254 /24

interface gi1/1/2

switchport mode access

switchport access vlan 30

Your computer NIC configuration should be something like

Computer A in Vlan 1 -

192.168.1.10

255.255.255.0

192.168.1.254

Computer B in Vlan 30 -

192.168.2.10

255.255.255.0

192.168.2.254

Also remember don't try to use host name, just use IP address for this purpose.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

jdurrence
Level 1
Level 1
In response to Tom Watts

‎02-13-2013 05:39 AM

The laptop is 192.168.2.254, 255.255.255.0, 192.168.2.1 for the gateway.  The desktop is 192.168.1.200, 255.255.255.0, 192.168.1.1 for the gateway.  Below is the running config.  I am running v1.2.7.76.

config-file-header

SG500

v1.2.7.76 / R750_NIK_1_2_584_002

CLI v1.0

file SSD indicator encrypted

@

ssd-control-start

ssd config

ssd file passphrase control unrestricted

no ssd file integrity control

ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0

!

vlan database

vlan 30

exit

voice vlan id 30

voice vlan state disabled

voice vlan oui-table add 0001e3 Siemens_AG_phone________

voice vlan oui-table add 00036b Cisco_phone_____________

voice vlan oui-table add 00096e Avaya___________________

voice vlan oui-table add 000fe2 H3C_Aolynk______________

voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone

voice vlan oui-table add 00d01e Pingtel_phone___________

voice vlan oui-table add 00e075 Polycom/Veritel_phone___

voice vlan oui-table add 00e0bb 3Com_phone______________

voice vlan oui-table add 08000f Mitel_phone

bonjour interface range vlan 1

hostname SG500

management access-list All-Access

permit ip-source 192.168.1.1 mask 255.255.255.0 vlan1

exit

management access-class All-Access

username cisco password encrypted fd955e6a81dejlwkje944102f69bcf21c0 privilege 15

ip ssh server

snmp-server location "Office"

clock timezone " " -5

clock summer-time web recurring usa

clock source sntp

sntp unicast client enable

sntp unicast client poll

sntp server 132.163.4.101 poll

ip name-server  4.2.2.2

ip telnet server

!

interface vlan 1

ip address 192.168.1.1 255.255.255.0

no ip address dhcp

!

interface vlan 30

name Voice

ip address 192.168.2.1 255.255.255.0

!

interface gigabitethernet1/1/1

shutdown

switchport mode access

!

interface gigabitethernet1/1/2

switchport mode access

!

interface gigabitethernet1/1/3

switchport mode access

!

interface gigabitethernet1/1/4

switchport mode access

!

interface gigabitethernet1/1/6

switchport mode access

!

interface gigabitethernet1/1/7

switchport mode access

!

interface gigabitethernet1/1/8

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

macro description "ip_phone_desktop "

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet1/1/9

switchport mode access

!

interface gigabitethernet1/1/10

switchport mode access

!

interface gigabitethernet1/1/11

switchport mode access

!

interface gigabitethernet1/1/12

switchport mode access

!

interface gigabitethernet1/1/13

switchport mode access

!

interface gigabitethernet1/1/14

switchport mode access

!

interface gigabitethernet1/1/15

switchport mode access

!

interface gigabitethernet1/1/16

switchport mode access

!

interface gigabitethernet1/1/17

switchport mode access

!

interface gigabitethernet1/1/18

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet1/1/19

switchport mode access

!

interface gigabitethernet1/1/20

switchport mode access

!

interface gigabitethernet1/1/21

switchport mode access

!

interface gigabitethernet1/1/22

switchport mode access

!

interface gigabitethernet1/1/23

switchport mode access

!

interface gigabitethernet1/1/24

switchport trunk allowed vlan add 30

!

interface gigabitethernet1/1/25

switchport mode access

!

interface gigabitethernet1/1/26

switchport mode access

!

interface gigabitethernet1/1/27

switchport mode access

!

interface gigabitethernet1/1/28

switchport mode access

!

interface gigabitethernet1/1/29

switchport mode access

!

interface gigabitethernet1/1/30

switchport mode access

!

interface gigabitethernet1/1/31

switchport mode access

!

interface gigabitethernet1/1/32

switchport mode access

!

interface gigabitethernet1/1/33

switchport mode access

!

interface gigabitethernet1/1/34

spanning-tree link-type point-to-point

switchport mode access

macro description switch

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet1/1/35

switchport mode access

!

interface gigabitethernet1/1/36

switchport mode access

!

interface gigabitethernet1/1/37

switchport mode access

!

interface gigabitethernet1/1/38

switchport mode access

!

interface gigabitethernet1/1/39

switchport mode access

!

interface gigabitethernet1/1/40

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet1/1/41

switchport mode access

!

interface gigabitethernet1/1/42

switchport mode access

!

interface gigabitethernet1/1/43

switchport mode access

!

interface gigabitethernet1/1/44

switchport mode access

!

interface gigabitethernet1/1/45

switchport mode access

!

interface gigabitethernet1/1/46

switchport mode access

!

interface gigabitethernet1/1/47

switchport mode access

!

interface gigabitethernet1/1/48

switchport mode access

!

interface gigabitethernet1/1/49

switchport mode access

!

interface gigabitethernet1/1/50

switchport mode access

!

interface gigabitethernet2/1/1

switchport mode access

!

interface gigabitethernet2/1/2

switchport mode access

!

interface gigabitethernet2/1/3

switchport mode access

!

interface gigabitethernet2/1/4

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet2/1/5

switchport mode access

!

interface gigabitethernet2/1/6

switchport mode access

!

interface gigabitethernet2/1/7

switchport mode access

!

interface gigabitethernet2/1/8

switchport mode access

!

interface gigabitethernet2/1/9

switchport mode access

!

interface gigabitethernet2/1/10

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet2/1/11

switchport mode access

!

interface gigabitethernet2/1/12

switchport mode access

!

interface gigabitethernet2/1/13

switchport mode access

!

interface gigabitethernet2/1/14

switchport mode access

!

interface gigabitethernet2/1/15

switchport mode access

!

interface gigabitethernet2/1/16

switchport mode access

!

interface gigabitethernet2/1/17

switchport mode access

!

interface gigabitethernet2/1/18

switchport mode access

!

interface gigabitethernet2/1/19

switchport mode access

!

interface gigabitethernet2/1/20

switchport mode access

!

interface gigabitethernet2/1/21

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet2/1/22

switchport mode access

!

interface gigabitethernet2/1/23

switchport mode access

!

interface gigabitethernet2/1/24

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet2/1/25

switchport mode access

!

interface gigabitethernet2/1/26

switchport mode access

!

interface gigabitethernet2/1/27

switchport mode access

!

interface gigabitethernet2/1/28

switchport mode access

!

interface gigabitethernet2/1/29

switchport mode access

!

interface gigabitethernet2/1/30

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet2/1/31

switchport mode access

!

interface gigabitethernet2/1/32

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet2/1/33

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet2/1/34

switchport mode access

!

interface gigabitethernet2/1/35

switchport mode access

!

interface gigabitethernet2/1/36

switchport mode access

!

interface gigabitethernet2/1/37

switchport mode access

!

interface gigabitethernet2/1/38

switchport mode access

!

interface gigabitethernet2/1/39

switchport mode access

!

interface gigabitethernet2/1/40

switchport mode access

!

interface gigabitethernet2/1/41

switchport mode access

!

interface gigabitethernet2/1/42

switchport mode access

!

interface gigabitethernet2/1/43

switchport mode access

!

interface gigabitethernet2/1/44

switchport mode access

!

interface gigabitethernet2/1/45

switchport mode access

!

interface gigabitethernet2/1/46

switchport mode access

!

interface gigabitethernet2/1/47

switchport mode access

!

interface gigabitethernet2/1/48

switchport mode access

!

interface gigabitethernet2/1/49

switchport mode access

!

interface gigabitethernet2/1/50

switchport mode access

!

interface gigabitethernet3/1/1

switchport mode access

!

interface gigabitethernet3/1/2

switchport mode access

!

interface gigabitethernet3/1/3

switchport mode access

!

interface gigabitethernet3/1/4

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet3/1/5

switchport mode access

!

interface gigabitethernet3/1/6

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet3/1/7

switchport mode access

!

interface gigabitethernet3/1/8

switchport mode access

!

interface gigabitethernet3/1/9

switchport mode access

!

interface gigabitethernet3/1/10

switchport mode access

!

interface gigabitethernet3/1/11

switchport mode access

!

interface gigabitethernet3/1/12

switchport mode access

!

interface gigabitethernet3/1/13

switchport mode access

!

interface gigabitethernet3/1/14

switchport mode access

!

interface gigabitethernet3/1/15

switchport mode access

!

interface gigabitethernet3/1/16

switchport mode access

!

interface gigabitethernet3/1/17

switchport mode access

!

interface gigabitethernet3/1/18

switchport mode access

!

interface gigabitethernet3/1/19

switchport mode access

!

interface gigabitethernet3/1/20

switchport mode access

!

interface gigabitethernet3/1/21

switchport mode access

!

interface gigabitethernet3/1/22

switchport mode access

!

interface gigabitethernet3/1/23

switchport trunk allowed vlan add 30

!

interface gigabitethernet3/1/24

switchport mode access

!

interface gigabitethernet3/1/25

switchport mode access

!

interface gigabitethernet3/1/26

switchport mode access

!

interface gigabitethernet3/1/27

switchport mode access

!

interface gigabitethernet3/1/28

switchport mode access

!

interface gigabitethernet3/1/29

switchport mode access

!

interface gigabitethernet3/1/30

switchport mode access

!

interface gigabitethernet3/1/31

switchport mode access

!

interface gigabitethernet3/1/32

switchport mode access

!

interface gigabitethernet3/1/33

switchport mode access

!

interface gigabitethernet3/1/34

switchport mode access

!

interface gigabitethernet3/1/35

storm-control broadcast enable

storm-control broadcast level 10

storm-control include-multicast

port security max 10

port security mode max-addresses

port security discard trap 60

spanning-tree portfast

switchport mode access

macro description ip_phone_desktop

!next command is internal.

macro auto smartport dynamic_type unknown

!

interface gigabitethernet3/1/36

switchport mode access

!

interface gigabitethernet3/1/37

switchport mode access

!

interface gigabitethernet3/1/38

switchport mode access

!

interface gigabitethernet3/1/39

switchport mode access

!

interface gigabitethernet3/1/40

switchport mode access

!

interface gigabitethernet3/1/41

switchport mode access

!

interface gigabitethernet3/1/42

switchport mode access

!

interface gigabitethernet3/1/43

switchport mode access

!

interface gigabitethernet3/1/44

switchport mode access

!

interface gigabitethernet3/1/45

switchport mode access

!

interface gigabitethernet3/1/46

switchport mode access

!

interface gigabitethernet3/1/47

switchport mode access

!

interface gigabitethernet3/1/48

switchport mode access

!

interface gigabitethernet3/1/49

switchport mode access

!

interface gigabitethernet3/1/50

switchport mode access

!

no macro auto processing cdp

macro auto processing type ap disabled

ip route 0.0.0.0 0.0.0.0 172.20.9.254 

0 Helpful

Tom Watts
VIP Alumni
VIP Alumni
In response to jdurrence

‎02-13-2013 06:43 AM

Hi J, unless I missed it, I do not see any port set to vlan 30.

All ports read switchport mode access or a macro port.

When using the voice vlan, the data vlan is untagged, voice vlan is tagged. The native vlan will still remain 1.

The way it seems to me you basically have 2 computers in vlan 1 with different network IP.

Can you verify one port is set up as vlan 30 native then connect the respective computer?

int gi1/1/10

switchport access vlan 30

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

jdurrence
Level 1
Level 1
In response to Tom Watts

‎02-13-2013 03:48 PM

I finally got this fixed.   I'm still not 100% sure why it didn't work before, but this was all for a Mitel VoIP system.  The installer had not been setting the phones to use VLAN30.  Once I changed that on each phone and made the ports trunks, vlan1 untagged, and vlan 30 tagged, it all started routing and letting me ping.  Thanks so much for the help Tom!

0 Helpful

Mike Hogenauer
Level 1
Level 1

‎02-13-2013 09:30 PM

Hi J,

I'm having the same issue and it's driving me MAD! I have almost your exact same config. I've have the VLAN1 as the default

And I’ve created Vlan 2 for Voice and we’re installing Mitel phones. Problem is that I can’t ping ant device even the Layer 3 interface of the VoIP VLAN. Did just telling the phones to Tag for the Voice VLAN solve it? I’ve left all ports as trunks and daisy chained the PC’s off the back of the phones.  Any help would be greatly appreciated.

0 Helpful

jdurrence
Level 1
Level 1
In response to Mike Hogenauer

‎02-13-2013 10:03 PM

Telling the phones to tag the traffic solved like 90% of my problems.  Go on the config on the phones and verify that it is using your vlan 2.  My setup was saying vlan none.  If you need to change it on the phone,  it is under the L2 settings.  Also on any port that had a phone,  make sure it is set as a trunk.  Then under port to vlan,  make it be vlan 1 untagged, and vlan 2 tagged.  Also on the trunk port settings for the port that has the mitel switch plugged in it,  set it to vlan 2 as pvid and untagged.  Hope this helps,  let me know.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card