Vlan Configuration between Cisco C3560X and Sonicwall E5500 ? - Page 2

vinish milton · ‎08-16-2013

Hi,

I am new the Vlan configuration. Recently I have purchase cisco L3. I want my sonicwall to be the primary L3 routing. We have around 2000 users. Users need to be get ip from sonicwall(DHCP).

My ip plan is as below.

Sonicwall Ip : 10.10.20.1

Cisco 3560 Management Vlan1 ip : 10.10.20.2

Vlan 10 : 10.10.0.1/255.255.252.0

Vlan 20 : 10.20.0.1/255.255.254.0

Vlan 30 : 10.30.0.1/255.255.254.0

vlan 40 : 10.40.0.1/255.255.252.0

Vlan 50 : 10.50.0.1/255.255.255.254.0

Vlan 60 10.60.0.1/255.255.255.0

Vlan 70 ip : 10.70.0.1/255.255.254.0

Vlan 80 : 10.80.0.1/255.255.254.0

All Vlan port will connected to respective building L2 switch( like Vlan 10 Port 1 connected to Academic building cisco L2 switch, Vlan 20 port 2 connected to mechanical building L2 et.,) I have 8 access points. It connected to L2 switches. Access point controller connected to L3 switch. User will be get ip from sonicwall.

How can I configure L3 and L2 switch? Pl guide.

Thanks.

vinish milton · ‎08-21-2013

hi,

i had done all configuration, now all Vlan is working fine and VLan users able to get internet. Now my problem is sonicwall did't get any VLAN ARP entry except 10.10.20.x. I had talk to sonicwall expert, he say need to be check & configure at Cisco L3 then only ARP entry wiill catch Sonicwall. Can you please tell me how can i configure at L3.

Thanks.

Chandhuru sekaran marimuthu · ‎08-21-2013

Hi Vinish,

Can you please show me the VLAN ARP configuration description so that i can resolve your issue.

Thanks and regards,

Chandhuru.M

Thanks and regards, Chandhuru.M

vinish milton · ‎08-21-2013

Hi Chandhur,

pl see the L3 configuration.

User Access Verification

Switch#sh run

Building configuration...

Current configuration : 6453 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Switch

!

boot-start-marker

boot-end-marker

!

enable secret 5 $1$rv8J$rIMAenBP8yMbdlr2HbFPM.

!

no aaa new-model

system mtu routing 1500

ip routing

!

crypto pki trustpoint TP-self-signed-1787939840

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-1787939840

revocation-check none

rsakeypair TP-self-signed-1787939840

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface FastEthernet0

shutdown

!

interface GigabitEthernet0/1

shutdown

!

interface GigabitEthernet0/2

shutdown

!

interface GigabitEthernet0/3

shutdown

!

interface GigabitEthernet0/4

shutdown

!

interface GigabitEthernet0/5

shutdown

!

interface GigabitEthernet0/6

shutdown

!

interface GigabitEthernet0/7

shutdown

!

interface GigabitEthernet0/8

shutdown

!

interface GigabitEthernet0/9

shutdown

!

interface GigabitEthernet0/10

!

interface GigabitEthernet0/11

description connected to Academic Building L2

switchport access vlan 10

switchport mode access

!

interface GigabitEthernet0/12

description connected to Mechanical building L2

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,10,20,30,40,50,60,70,80,90

switchport mode trunk

!

interface GigabitEthernet0/13

description connected to admin L2

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,10,20,30,40,50,60,70,80,90

switchport mode trunk

!

interface GigabitEthernet0/14

description connected to Diploma

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,10,20,30,40,50,60,70,80,90

switchport mode trunk

!

interface GigabitEthernet0/15

description connected to MBA

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,10,20,30,40,50,60,70,80,90

switchport mode trunk

!

interface GigabitEthernet0/16

description connected to Workshop L2

switchport access vlan 60

switchport mode access

!

interface GigabitEthernet0/17

description connected to E&TC

switchport access vlan 70

switchport mode access

!

interface GigabitEthernet0/18

description connected to Computer

switchport access vlan 80

switchport mode access

!

interface GigabitEthernet0/19

description connected to AP controloer

switchport mode access

!

interface GigabitEthernet0/20

description connected to Test switch

switchport access vlan 90

switchport mode access

!

interface GigabitEthernet0/21

switchport access vlan 90

switchport mode access

!

interface GigabitEthernet0/22

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,10,20,30,40,50,60,70,80,90

switchport mode trunk

!

interface GigabitEthernet0/23

description connected to E5500

switchport mode access

!

interface GigabitEthernet0/24

Shutdown

!

interface GigabitEthernet1/1

!

interface GigabitEthernet1/2

!

interface GigabitEthernet1/3

!

interface GigabitEthernet1/4

!

interface TenGigabitEthernet1/1

!

interface TenGigabitEthernet1/2

!

interface Vlan1

ip address 10.10.20.2 255.255.255.0

no ip mroute-cache

!

interface Vlan10

ip address 10.10.0.1 255.255.252.0

ip helper-address 10.10.20.1

!

interface Vlan20

ip address 10.20.0.1 255.255.254.0

ip helper-address 10.10.20.1

!

interface Vlan30

ip address 10.30.0.1 255.255.254.0

ip helper-address 10.10.20.1

!

interface Vlan40

ip address 10.40.0.1 255.255.252.0

ip helper-address 10.10.20.1

!

interface Vlan50

ip address 10.50.0.1 255.255.254.0

ip helper-address 10.10.20.1

!

interface Vlan60

ip address 10.60.0.1 255.255.255.0

ip helper-address 10.10.20.1

!

interface Vlan70

ip address 10.70.0.1 255.255.254.0

ip helper-address 10.10.20.1

!

interface Vlan80

ip address 10.80.0.1 255.255.254.0

ip helper-address 10.10.20.1

!

interface Vlan90

ip address 10.90.0.1 255.255.255.0

ip helper-address 10.10.20.1

!

ip default-gateway 10.10.20.1

ip classless

ip route 0.0.0.0 0.0.0.0 10.10.20.1

ip http server

ip http secure-server

!

snmp-server community public RO R0

!

line con 0

line vty 0 4

password

login

line vty 5 15

password

login

!

end

Switch#

Chandhuru sekaran marimuthu · ‎08-22-2013

Dear Vinish,

You made right configuration over in L3 switch. Once again check out the L2 switch configuration. I thought the problem over in Sonic wall.

Thanks and regards,

Chandhuru.M

Thanks and regards, Chandhuru.M

vinish milton · ‎08-22-2013

Dear Chandhuru,

Thanks for your reply, i have attched my sonicwall ARP configuraion. pl see

Chandhuru sekaran marimuthu · ‎08-23-2013

Dear Vinish,

Can you able to get VLAN ARP description in L3 switch. Using 'sh arp' command to get it and make sure the L3 switch could able to get ARP description. Let me know.

Thanks and regards,

Chandhuru.M

Thanks and regards, Chandhuru.M

vinish milton · ‎08-23-2013

Dear Chandhuru,

i am able to get VLAN ARP in L3. but my issue is i need to get same as my sonicwall, so that i can do Mac finding.

Switch#sh arp

Protocol Address Age (min) Hardware Addr Type Interface

Internet 10.80.1.91 22 6c62.6da3.1766 ARPA Vlan80

Internet 10.50.0.56 59 4437.e661.c0c0 ARPA Vlan50

Internet 10.70.1.77 6 0011.11c6.ca00 ARPA Vlan70

Internet 10.20.0.30 0 6c62.6d8c.588f ARPA Vlan20

Internet 10.80.0.91 8 4437.e661.2315 ARPA Vlan80

Internet 10.50.0.57 4 4437.e661.d520 ARPA Vlan50

Internet 10.30.1.20 107 0025.111b.da42 ARPA Vlan30

Internet 10.70.0.77 5 d43d.7ead.38ce ARPA Vlan70

Internet 10.20.1.30 8 6c62.6d8f.217e ARPA Vlan20

Internet 10.10.0.1 - 6c41.6a91.cc41 ARPA Vlan10

Internet 10.20.0.28 120 d43d.7e12.cbd2 ARPA Vlan20

Internet 10.30.1.23 134 d43d.7e12.cb17 ARPA Vlan30

Internet 10.80.0.88 123 6c62.6da3.1765 ARPA Vlan80

Internet 10.20.1.28 31 8c89.a5f6.72bf ARPA Vlan20

Internet 10.30.0.23 0 001f.d033.06da ARPA Vlan30

Internet 10.80.1.88 12 8c89.a5f6.7230 ARPA Vlan80

Internet 10.80.1.95 3 001f.d034.3163 ARPA Vlan80

Internet 10.80.0.95 0 d43d.7ead.3ed1 ARPA Vlan80

Internet 10.10.0.5 5 6c62.6d8c.538b ARPA Vlan10

Internet 10.80.1.93 111 4061.8663.6373 ARPA Vlan80

Internet 10.10.0.6 0 e839.35b0.684a ARPA Vlan10

Internet 10.80.0.93 3 4061.8663.6368 ARPA Vlan80

Internet 10.10.0.7 0 0021.5a5d.2c94 ARPA Vlan10

Internet 10.30.0.28 61 001f.d034.36de ARPA Vlan30

Internet 10.20.1.23 100 d43d.7e12.cad5 ARPA Vlan20

Internet 10.40.2.40 3 4437.e667.f84c ARPA Vlan40

Internet 10.80.0.82 3 4437.e668.1cd1 ARPA Vlan80

Internet 10.10.0.8 0 6c62.6da6.9735 ARPA Vlan10

Internet 10.10.1.8 16 001f.d031.9f05 ARPA Vlan10

Internet 10.30.1.28 27 001f.d030.622f ARPA Vlan30

Internet 10.20.0.23 6 d43d.7e12.cb22 ARPA Vlan20

Internet 10.80.1.82 0 d43d.7e12.cbdb ARPA Vlan80

Internet 10.10.0.9 32 0017.6110.933c ARPA Vlan10

Internet 10.10.2.8 72 8c89.a5f6.7033 ARPA Vlan10

Internet 10.50.0.50 0 4437.e661.c110 ARPA Vlan50

Internet 10.70.1.71 3 6c62.6da3.171e ARPA Vlan70

Internet 10.20.1.20 29 8c89.a5f6.726e ARPA Vlan20

Chandhuru sekaran marimuthu · ‎08-23-2013

Dear Vinish,

So that, from your post i came to know that L3 switch can able get ARP description and also L3 communicate with sonicwall. It means internet can be passing through the sonicwall and L3 to all VLANs so problem is not in L3 configuration.

My thought was sonicwall can able to get management VLANs ARP description only. It cant able to get the other VLANs ARP description. Just verify with your soniwall expert.

Thanks and regards,

Chandhuru.M

Thanks and regards, Chandhuru.M

vinish milton · ‎08-23-2013

Dear Chandhuru,

Thanks for your reply, i will talk to them & let you know.

vinish milton · ‎03-07-2014

Hi,

i want stop intervlan comunication between Vlan70 and all Vlans. how will i do that. pl guid

JDO · ‎02-09-2021

Hi All...

I have cisco 3650 switch. I have configured the vlan 10 and vlan 20 at the moment.

I also assigned port gi1/0/24 10.8.2.2 and connect to my Primary Sonicwall 10.8.2.1

And from my Primary Sonicwall connected to my ISP.

All the above have successfully connected to internet and able to communicate within the vlan.

I have another Secondary Sonicwall and already set as HA to my Primary Sonicwall. (Done & successfull)

But now i need to connect to my Secondary Sonicwall to my switch 3650 (the same switch as above) to port gi1/0/23.

How can i configure on that.

Vlan Configuration between Cisco and Sonicwall