Switches, Hubs, and Modems
1748269 Members
3716 Online
108760 Solutions
New Discussion юеВ

Re: New to VLANs...some guidance would be great...

 
Sean Rector
Occasional Advisor

New to VLANs...some guidance would be great...

I've attached a drawing of the part of the network I'm concerned with. I understand the functionality of VLANs, but I do not understand the implementation totally. I really appreciate the assistance. If there is any more information needed, please let me know.
18 REPLIES 18
cenk sasmaztin
Honored Contributor

Re: New to VLANs...some guidance would be great...


hi Sean
----------for 2810 switch config------------
2810-48(config)# vlan 1
2810-48(vlan-1)# ip address 172.16.0.1/24
2810-48(vlan-1)# untag 1(for vlan 1 router port)
2810-48(vlan-1)# vlan 2
2810-48(vlan-2)# untag 2(for vlan 2 router port)
2810-48(vlan-2)# tag 48(for 2510 uplink port,this port vlan 1 untag vlan 2 tag)
2810-48(vlan-2)#exit
2810-48(config)#

----------for 2510 switch config------------

2510-24(config)# vlan 1
2510-24(vlan-1)# ip address 172.16.0.2/24
2510-24(vlan-1)# vlan 2
2510-24(vlan-2)# untag 1-2(left two pc)
2510-24(vlan-2)# tag 3-6,24(right four pc this ports vlan 1 untag vlan 2 tag
this port you run two pc you use vlan aware nic or you attach this port ip phone
you assign on phone vlan id 2 .├Д┬░nterface 24 2810 uplink port)
2510-24(vlan-2)#exit
--------------------------------------------
all vlan 1 member pc assign ip address vlan1router ethernet interface with same
network and all pc default gateway vlan1router ethernet interface ip address


all vlan 2 member device assign ip address vlan2router ethernet interface with same
network and all device default gateway vlan2router ethernet interface ip address
and all device use vlan aware nic setting vlan2 info on nic.


good luck...

cenk

Joel Belizario
Trusted Contributor

Re: New to VLANs...some guidance would be great...

Hi Sean,

From your diagram you have some hosts that are in VLANs 1 and 2 - can you elaborate on why you need this?

Cheers,
Joel
Sean Rector
Occasional Advisor

Re: New to VLANs...some guidance would be great...

Yes...VLAN 1 is our company's network. VLAN 2 connects to a vendor's network. The two machines that are on VLAN 2 should only connect to the vendor's network, and the other workstations need to connect to both.
Sean Rector
Occasional Advisor

Re: New to VLANs...some guidance would be great...

I've updated my drawing. Hopefully that will help. If you could, the full command set would be very helpful.

TIA
Mohieddin Kharnoub
Honored Contributor

Re: New to VLANs...some guidance would be great...

Hi

Explaining the last topology attached:

2510-24 Switch:
---------------
- Simply has 2 Vlans.
- PCs in Vlan1 are connected to Untagged ports to Vlan1.
- PCs in Vlan1 are connected to Untagged ports to Vlan1.
- uplink port to the 2810 is Tagged to Vlan2.

2810-48 Switch:
---------------
- Server connected to Untagged port to Vlan1.
- Left router -Cisco 1760 connected to Untagged port to Vlan1.
- Right router - Cisco 1760 connected to Untagged port to Vlan2.


And since you have not attached the configuration of the 2810-48 switch then i THINK:

- 2810-48 Routing between Vlans is enabled.
- Vlan1 has an IP which is the Default Gateways for all Devices in Vlan1.
- Vlan2 has an IP which is the Default Gateways for all Devices in Vlan2.
- Default Route (Internet) is entered statically pointing to the Left Router Cisco1760.
- One more Static Route entered to Serve Vlan2 and Vendors Server Traffic.


Cisco Routers:
- Some static routes must be entered to Server All the Vlans (Route Back).
- Some security ACLs could be in place to serve some certain security policies.

Good Luck !!!
Science for Everyone
Sean Rector
Occasional Advisor

Re: New to VLANs...some guidance would be great...

Both switches have very basic configurations.

The workstations are on various ports of the 2510.

The 2510 connects to the 2810 via Fibre...Port 26 to Port 50.

The servers are on various ports on the 2810, as are the two routers, and several workstations.

2510 Config:
Running configuration:

; J9019A Configuration Editor; Created on release #Q.11.07

hostname "SW_Office"
snmp-server contact "IT Mgr. x3328"
snmp-server location "Office - Back Office"
web-management management-url ""
time timezone -5
time daylight-time-rule Continental-US-and-Canada
interface 25
name "To SW_SecBox"
exit
interface 26
name "To SW_Servers"
exit
ip default-gateway 10.0.0.33
sntp server 10.0.0.33
timesync sntp
sntp unicast
snmp-server community "Company" Unrestricted
snmp-server community "public" Operator
snmp-server host 10.0.0.80 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 1-26
ip address 10.0.0.18 255.255.0.0
exit
ip authorized-managers 10.0.0.80 255.255.0.0
ip authorized-managers 10.0.0.36 255.255.0.0
ip authorized-managers 10.0.0.39 255.255.0.0
qos type-of-service ip-precedence
stack join 001c2ebd4640

2810 Config:
Running configuration:

; J9022A Configuration Editor; Created on release #N.11.09

hostname "SW_Servers"
snmp-server contact "Ext-3328"
snmp-server location "Accounting-Office"
web-management management-url ""
time timezone -300
time daylight-time-rule Continental-US-and-Canada
interface 1
flow-control
exit
ip default-gateway 10.0.0.33
sntp server 10.0.0.36
timesync sntp
sntp unicast
snmp-server community "Company" Unrestricted
snmp-server community "public"
snmp-server host 10.0.0.80 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 1-48
ip address 10.0.0.11 255.255.0.0
exit
ip authorized-managers 10.0.0.80 255.255.0.0
ip authorized-managers 10.0.0.36 255.255.0.0
stack commander "Group"
stack member 1 mac-address 001c2e1d0b80
stack member 2 mac-address 001c2e47f2e0

I hope that helps.
Sean Rector
Occasional Advisor

Re: New to VLANs...some guidance would be great...

Could someone review my configurations and let me know what I need to do next?

Thanks!
cenk sasmaztin
Honored Contributor

Re: New to VLANs...some guidance would be great...

hi Sean
if you want create in your layout network architecture you must be see carefull above my config.

you send your last config not working
I not see your config in vlan 2 ???
cenk

Sean Rector
Occasional Advisor

Re: New to VLANs...some guidance would be great...

I haven't created VLAN2 yet. THAT is what I am asking for guidance on. Specific to the architecture drawing I posted.