09-06-2017 03:13 PM - edited 03-08-2019 11:56 AM
Hi all,
I want to connect a Small Business to the 3560.
I did follow this guide to try to understand how is it working: Cisco 200/300 models
> 3560
interface g0/1
switchport trunk encapsulation dot1q
switchport mode trunk
> SG300-52
Port g49
Set it as trunk port, allowed vlans 1, 100.
All VLANs tagged in that port.
Port g50
Set it as access port, vlan 100 untagged. Also PVID marked.
I can't ping the 3560 or the gateway. No internet access also.
Any advice would be appreciate it.
Thanks.
09-06-2017 03:48 PM
Hello,
Assuming you are facing a layer two problem as you suppose:
show interface g0/1 switchport on 3560
show run interface g0/1
show interface g0/1 status
show spanning-tree interface g0/1 detail
09-07-2017 08:22 AM
09-07-2017 09:06 AM
The Core switch part looks ok:
Port Name Status Vlan Duplex Speed Type
Gi0/1 connected trunk a-full a-1000 10/100/1000BaseTX
SWITCH-CORE-1#show spanning-tree interface g0/1 detail
Port 1 (GigabitEthernet0/1) of VLAN0001 is designated forwarding
The problem now is validate the SG300 with web interface but as per your prints looks ok.
Can you explain better how does layer 3 setup works on your case. I mean, layer 2 setp looks ok, but what about layer 3?
You can put a simple draw if possible.
09-07-2017 09:38 AM
09-07-2017 09:57 AM
The thing is, as long as the trunk on the core switch is shown as connected and the port is shown by spanning-tree as forwarding, this means that the communication in layer 2 should be ok.
If you dont ping the gateway, which should be the first test to do, we need to think if layer 3 configurations is correct.
How does the PC connected on the access point of SG is geeting IP? is it DHCP or static IP?
If DHCP is it really getting IP or woring with APIPA address? If static Is it correctly configured in terms of subnet mask?
What I mean is that to ping and surf on the web we need all layers ok. For your case, I´d say that L1 e L2 is ok.
09-07-2017 10:06 AM - edited 09-07-2017 10:10 AM
We're using static IP in the PC to test, it is assigned to VLAN 100 which is 10.57.80.0/24.
PC: 10.57.80.100
Gateway: 10.57.80.1
I was thinking in do a factory reset and upgrade the firmware of the SG300, I don't know what else to do.
EDIT: Our gateway is an Hillstone UTM, we're managing this with subinterfaces in it. But still, we can't even ping the SWITCH-CORE-1.
09-07-2017 07:42 AM
please share configuration of all your devices....
09-07-2017 08:21 AM
09-07-2017 01:25 PM
Hi,
This may be due to the interface on your Cisco Catalyst 3560 not having VLAN 100 as a defined VLAN.
To verify this, issue the following command on the Cisco Catalyst 3560;
sh interface Gi0/1trunk
I would assume that you would need to allow the VLAN for this to function as intended;
*Cisco Catalyst 3560*
!
interface GigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,100
switchport mode trunk
!
Hope this helps
Regards
Matt Jones
09-07-2017 02:14 PM
Hi Matt,
I did test with the "switchport trunk allowed vlan 1,100" with the same result, still nothing.
Thank you.
09-07-2017 02:41 PM
09-07-2017 02:54 PM
Of course,
SWITCH-CORE-1#show inter g0/1 trunk
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1,100
Port Vlans allowed and active in management domain
Gi0/1 1,100
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1,100
SWITCH-CORE-1#
09-07-2017 03:00 PM
09-07-2017 03:02 PM
No problem, yes, it is created in the SG300 aswell.
Also tagged in the g49 port (Trunk).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide