
VLAN Setup on 3750

Raptor_45
Level 1

Hello!

 

I'm trying to set up 2 simple VLANs with this 3750 switch to try to gain some more knowledge of VLANs. I'm not really a Cisco or networking expert, so I'm sorry if the explanation or configuration isn't correct...

 

So I have a pfSense running as router/firewall, and it has 3 interfaces: WAN, LAN1 and LAN2, all separate network adapters. I used to have an HP ProCurve that was unmanaged, and LAN1 would uplink to a port on this switch. I wanted to make a separate network, so I added the 2nd interface (LAN2) on pfSense and had that going to another unmanaged switch.

 

Got a 3750, so wanted to use it as the main switch and just use 2 VLANs. I used VLAN1 (default) for LAN1 and made a trunk port on the 3750 for it.

 

Added VLAN2 (LAN2) and made a trunk port that goes to interface LAN2. Added ports that would be on VLAN2 for access to only VLAN2. I don't want to route between the 2 VLANs.

 

I have a Windows Server on the 10.0.1.0 subnet with DHCP running. This VLAN appears to be working fine now, it can get a lease from the DHCP server and access the internet with the gateway set to: 10.0.1.1

 

But now devices on VLAN1 can't connect to the internet, but it appears they can connect to other devices on the LAN. I also have DHCP running on this subnet from a Windows Server (10.0.0.0) subnet, and devices aren't getting a lease any longer even if I try to do a renew. The Windows Server can't access the internet, but can access other devices. It can access the internet if I change the primary DNS on the static IP to 10.0.0.1, which is the default gateway (LAN1 interface on pfSense).

 

VLAN1 seemed to stop working when VLAN2 started working, so I must have something wrong or way off. I'll attach the 3750 config and VLAN output. The reason a couple of ports have spanning-tree portfast is that I read that it can cause a delay for DHCP devices if you don't have portfast, so I added that. But I think I have a different issue. I'll paste the 3750 config and VLANs below:

 

Any advice is appreciated, Thanks!

Current configuration : 5817 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!

!

!
!
no aaa new-model
switch 1 provision ws-c3750g-48ts
system mtu routing 1500

!
!

!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
ip ssh version 2
!
!
interface GigabitEthernet1/0/1
description LAN1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1
switchport mode trunk
!
interface GigabitEthernet1/0/2
switchport mode access
!
interface GigabitEthernet1/0/3
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/4
switchport mode access
!
interface GigabitEthernet1/0/5
switchport mode access
!
interface GigabitEthernet1/0/6
switchport mode access
spanning-tree portfast
!
interface GigabitEthernet1/0/7
switchport mode access
!
interface GigabitEthernet1/0/8
switchport mode access
!
interface GigabitEthernet1/0/9
switchport mode access
!
interface GigabitEthernet1/0/10
switchport mode access
!
interface GigabitEthernet1/0/11
switchport mode access
!
interface GigabitEthernet1/0/12
switchport mode access
!
interface GigabitEthernet1/0/13
switchport mode access
!
interface GigabitEthernet1/0/14
switchport mode access
!
interface GigabitEthernet1/0/15
switchport mode access
!
interface GigabitEthernet1/0/16
switchport mode access
!
interface GigabitEthernet1/0/17
description LAN2
switchport access vlan 2
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport trunk allowed vlan 2
switchport mode trunk
!
interface GigabitEthernet1/0/18
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 2
switchport mode access
!
interface GigabitEthernet1/0/20
switchport mode access
!
interface GigabitEthernet1/0/21
switchport mode access
!
interface GigabitEthernet1/0/22
switchport mode access
!
interface GigabitEthernet1/0/23
switchport mode access
!
interface GigabitEthernet1/0/24
switchport mode access
!
interface GigabitEthernet1/0/25
switchport mode access
!
interface GigabitEthernet1/0/26
switchport mode access
!
interface GigabitEthernet1/0/27
switchport mode access
!
interface GigabitEthernet1/0/28
switchport mode access
!
interface GigabitEthernet1/0/29
switchport mode access
!
interface GigabitEthernet1/0/30
switchport mode access
!
interface GigabitEthernet1/0/31
switchport mode access
!
interface GigabitEthernet1/0/32
switchport mode access
!
interface GigabitEthernet1/0/33
switchport mode access
!
interface GigabitEthernet1/0/34
switchport mode access
!
interface GigabitEthernet1/0/35
switchport mode access
!
interface GigabitEthernet1/0/36
switchport mode access
!
interface GigabitEthernet1/0/37
switchport mode access
!
interface GigabitEthernet1/0/38
switchport mode access
!
interface GigabitEthernet1/0/39
switchport mode access
!
interface GigabitEthernet1/0/40
switchport mode access
!
interface GigabitEthernet1/0/41
switchport mode access
!
interface GigabitEthernet1/0/42
switchport mode access
!
interface GigabitEthernet1/0/43
switchport mode access
!
interface GigabitEthernet1/0/44
switchport mode access
!
interface GigabitEthernet1/0/45
switchport mode access
!
interface GigabitEthernet1/0/46
switchport mode access
!
interface GigabitEthernet1/0/47
switchport mode access
!
interface GigabitEthernet1/0/48
switchport mode access
!
interface GigabitEthernet1/0/49
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
interface Vlan1
ip address 10.0.0.3 255.255.255.0
!
interface Vlan2
ip address 10.0.1.3 255.255.255.0
!
ip classless
no ip http server
no ip http secure-server
!
ip sla enable reaction-alerts
!
!
line con 0
line vty 0 4
privilege level 15
login local
transport input ssh
line vty 5 15
privilege level 15
login local
transport input ssh
!
end

 

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi1/0/2, Gi1/0/3, Gi1/0/4
                                                Gi1/0/5, Gi1/0/6, Gi1/0/7
                                                Gi1/0/8, Gi1/0/9, Gi1/0/10
                                                Gi1/0/11, Gi1/0/12, Gi1/0/13
                                                Gi1/0/14, Gi1/0/15, Gi1/0/16
                                                Gi1/0/20, Gi1/0/21, Gi1/0/22
                                                Gi1/0/23, Gi1/0/24, Gi1/0/25
                                                Gi1/0/26, Gi1/0/27, Gi1/0/28
                                                Gi1/0/29, Gi1/0/30, Gi1/0/31
                                                Gi1/0/32, Gi1/0/33, Gi1/0/34
                                                Gi1/0/35, Gi1/0/36, Gi1/0/37
                                                Gi1/0/38, Gi1/0/39, Gi1/0/40
                                                Gi1/0/41, Gi1/0/42, Gi1/0/43
                                                Gi1/0/44, Gi1/0/45, Gi1/0/46
                                                Gi1/0/47, Gi1/0/48, Gi1/0/49
                                                Gi1/0/50, Gi1/0/51, Gi1/0/52
2    Old                              active    Gi1/0/18, Gi1/0/19
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1005 trnet-default                    act/unsup

VLAN Type  SAID       MTU   Parent RingNo BridgeNo Stp  BrdgMode Trans1 Trans2
---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------
1    enet  100001     1500  -      -      -        -    -        0      0
2    enet  100002     1500  -      -      -        -    -        0      0
1002 fddi  101002     1500  -      -      -        -    -        0      0
1003 tr    101003     1500  -      -      -        -    -        0      0
1004 fdnet 101004     1500  -      -      -        ieee -        0      0
1005 trnet 101005     1500  -      -      -        ibm  -        0      0

Remote SPAN VLANs
------------------------------------------------------------------------------
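
An added example, not part of the original post and not Cisco tooling: a small Python parser that reads interface stanzas like those in the config above and reports which VLAN each port carries untagged, marking trunk ports whose allowed list holds only their native VLAN (as Gi1/0/1 and Gi1/0/17 do in the posted config). The function names and the constructed SAMPLE are assumptions; `allowed vlan` forms using keywords such as `add` or `all` are not handled.

```python
import re

# Constructed sample: three stanzas reduced from the config posted above.
SAMPLE = """\
interface GigabitEthernet1/0/1
 switchport trunk allowed vlan 1
 switchport mode trunk
!
interface GigabitEthernet1/0/17
 switchport trunk native vlan 2
 switchport trunk allowed vlan 2
 switchport mode trunk
!
interface GigabitEthernet1/0/18
 switchport access vlan 2
 switchport mode access
"""

def expand(vlans):
    """Expand an IOS VLAN list such as '1,10-12' into a set of ints."""
    spans = (part.partition("-") for part in vlans.split(","))
    return {v for lo, _, hi in spans for v in range(int(lo), int(hi or lo) + 1)}

RULES = [(re.compile(r"switchport mode (access|trunk)$"), "mode", str),
         (re.compile(r"switchport access vlan (\d+)$"), "access", int),
         (re.compile(r"switchport trunk native vlan (\d+)$"), "native", int),
         (re.compile(r"switchport trunk allowed vlan ([\d,-]+)$"), "allowed", expand)]

def parse_ports(config):
    """Return {interface: settings}; unset access/native VLANs default to 1."""
    ports, cur = {}, None
    for line in map(str.strip, config.splitlines()):  # tolerates lost indentation
        if line.startswith("interface "):
            cur = ports[line.split()[1]] = {"mode": None, "access": 1, "native": 1, "allowed": None}
        elif cur is not None:
            for rx, key, conv in RULES:
                if m := rx.match(line):
                    cur[key] = conv(m.group(1))
    return ports

def audit(ports):
    """Return {interface: (untagged VLAN, note)} for access and trunk ports."""
    out = {}
    for name, p in ports.items():
        if p["mode"] == "access":
            out[name] = (p["access"], "access")
        elif p["mode"] == "trunk":
            note = "trunk, native VLAN only" if p["allowed"] == {p["native"]} else "trunk"
            out[name] = (p["native"], note)
    return out
```

Calling `audit(parse_ports(text))` on a saved copy of the running-config gives one entry per switchport; SVIs such as `Vlan1` are skipped because they have no switchport mode.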

 


Raptor_45
Level 1

Well, I think I figured this out: on the DNS server, under the Interfaces tab and Listen Only, there wasn't an IP listed. Put them back and just like that, devices on VLAN1 can connect. I think that was the issue because the DNS query tests were failing and now they work fine. Not sure why this happened, but anyway working for now.

 

Thanks!