Announcement

Collapse
No announcement yet.

Simple VLAN Setup Troubles

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Simple VLAN Setup Troubles

    Ok guys, i'm trying to configure a simple VLAN setup on my Cisco C3750.

    I can't figure out what i'm doing wrong. I see some problems but can't identify why I can't fix them.

    To start with here is what i'm trying to do. I use a computer for pfSense routing functions. Configure of VLANs with this looks very easy. All should be fine with this, just switch is having issues. I want 3 VLANs. VLAN 2 = pfSense only, VLAN 3 = servers, VLAN 4 = other network items (KVM switch, console terminal server, etc).

    So i've understood by reading that the pfSense port (VLAN2) needs to be a trunk port to be able to communicate with my other 2 networks. Connection is cable modem -> BGE0 NIC on server -> BGE1 NIC out to C3750 switch.

    Here are my config & outputs from my C3750.

    Fa1/0/1 is my trunk port which is output from pfSense router into switch. I can't remember how I set switchport access vlan dynamic, so i'm not sure if that needs to be on or not.

    Code:
    Switch1#sh running-con int Fa1/0/1
    Building configuration...
    
    Current configuration : 219 bytes
    !
    interface FastEthernet1/0/1
     switchport access vlan dynamic
     switchport trunk encapsulation dot1q
     switchport trunk native vlan 2
     switchport trunk allowed vlan 2-4
     switchport mode trunk
     spanning-tree portfast
    end
    Ok here is where i've started noticing problems. Operational mode is listed as down. I've issued the no shut command & it WILL NOT bring operational mode to up or running. I'm sure this is a part of the problem. Any ideas why no shut will not work? How does this info look? Is anything else wrong with this?

    Code:
    Switch1#sh int Fa1/0/1 switchport
    Name: Fa1/0/1
    Switchport: Enabled
    Administrative Mode: trunk
    Operational Mode: down
    Administrative Trunking Encapsulation: dot1q
    Negotiation of Trunking: On
    Access Mode VLAN: unassigned
    Trunking Native Mode VLAN: 2 (VLAN0002)
    Administrative Native VLAN tagging: enabled
    Voice VLAN: none
    Administrative private-vlan host-association: none
    Administrative private-vlan mapping: none
    Administrative private-vlan trunk native VLAN: none
    Administrative private-vlan trunk Native VLAN tagging: enabled
    Administrative private-vlan trunk encapsulation: dot1q
    Administrative private-vlan trunk normal VLANs: none
    Administrative private-vlan trunk private VLANs: none
    Operational private-vlan: none
    Trunking VLANs Enabled: 2-4
    Pruning VLANs Enabled: 2-1001
    Capture Mode Disabled
    Capture VLANs Allowed: ALL
    
    Protected: false
    Unknown unicast blocked: disabled
    Unknown multicast blocked: disabled
    Appliance trust: none
    Another problem. All the guides I have read say you should see VLANs listed under the "VLANs allowed on trunk" part. However mine does not list any. I don't know why or how to fix it. Status is listed as other instead of "trunking" which I assume is because of the operational mode being down. I assume if I can get the operational mode fixed this will fix itself.

    Code:
    Switch1#sh int Fa1/0/1 trunk
    
    Port        Mode         Encapsulation  Status        Native vlan
    Fa1/0/1     on           802.1q         other         2
    
    Port        Vlans allowed on trunk
    Fa1/0/1     none
    
    Port        Vlans allowed and active in management domain
    Fa1/0/1     none
    
    Port        Vlans in spanning tree forwarding state and not pruned
    Fa1/0/1     none
    Ok, here is my config for my VLAN 3 that is for my servers. I've only tried to get one server operational on one port before proceeding further. I don't think there are any problems with this.

    Code:
    Switch1#sh running-con int Fa1/0/17
    Building configuration...
    
    Current configuration : 86 bytes
    !
    interface FastEthernet1/0/17
     switchport access vlan 3
     switchport mode access
    end
    Lastly this is my VLAN 3 config. I believe that's all it needs, but not 100% sure.

    Code:
    Switch1#show running-con int vlan3
    Building configuration...
    
    Current configuration : 61 bytes
    !
    interface Vlan3
     ip address 192.168.4.1 255.255.255.0
    end
    Any help would be greatly appreciated. I think that the problem is somewhere in the trunk port configuration. I think the other stuff is setup correctly.

  • #2
    Re: Simple VLAN Setup Troubles

    Have you created each VLAN with the global vlan configuration command?

    What does show interface vlan2 (and 3 and 4) have to say about the status of your VLANs?

    Comment


    • #3
      Re: Simple VLAN Setup Troubles

      Originally posted by Ser Olmy View Post
      Have you created each VLAN with the global vlan configuration command?

      What does show interface vlan2 (and 3 and 4) have to say about the status of your VLANs?
      I don't understand your first question. I did config t, then issued vlan N command to make these vlans.

      This is the output. vlan3 & 4 have pretty much identical outputs. Hopefully this will help a little more.

      Code:
      Switch1#sh interface vlan2
      Vlan2 is up, line protocol is down
        Hardware is EtherSVI, address is 000f.343e.f041 (bia 000f.343e.f041)
        Internet address is 192.168.2.1/24
        MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
           reliability 255/255, txload 1/255, rxload 1/255
        Encapsulation ARPA, loopback not set
        ARP type: ARPA, ARP Timeout 04:00:00
        Last input 03:44:04, output 03:44:03, output hang never
        Last clearing of "show interface" counters never
        Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
        Queueing strategy: fifo
        Output queue: 0/40 (size/max)
        5 minute input rate 0 bits/sec, 0 packets/sec
        5 minute output rate 0 bits/sec, 0 packets/sec
           159 packets input, 9540 bytes, 0 no buffer
           Received 0 broadcasts (0 IP multicasts)
           0 runts, 0 giants, 0 throttles
           0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
           7 packets output, 448 bytes, 0 underruns
           0 output errors, 0 interface resets
           0 output buffer failures, 0 output buffers swapped out
      ETA:Ah ok I didn't mean to enable "switchport access vlan dynamic" on Fa1/0/1. I got that fixed.

      Code:
      Switch1#sh running-conf int Fa1/0/1
      Building configuration...
      
      Current configuration : 213 bytes
      !
      interface FastEthernet1/0/1
       switchport access vlan 2
       switchport trunk encapsulation dot1q
       switchport trunk native vlan 2
       switchport trunk allowed vlan 2-4
       switchport mode trunk
       spanning-tree portfast
      end
      Code:
      Switch1#sh vlan
      
      VLAN Name                             Status    Ports
      ---- -------------------------------- --------- -------------------------------
      2    VLAN0002                         active    Fa1/0/1
      3    VLAN0003                         active    Fa1/0/17, Fa1/0/18, Fa1/0/19
                                                                Fa1/0/20
      4    VLAN0004                         active    Fa1/0/33
      Last edited by cegha04; 11th March 2014, 22:36.

      Comment


      • #4
        Re: Simple VLAN Setup Troubles

        Does show interface vlan 2 now report VLAN2 as up?

        Comment


        • #5
          Re: Simple VLAN Setup Troubles

          To start, I got it all working. So excited. Thank you for the help Ser Olmy.

          I haven't mentioned i've only got my C3750 switch up & able to access the console for about the last week. So other than basic configuration, setting up these VLANs is the first actual task I have done. I understood everything fairly well & had the configuration down 99% of the way. This is the first time i've ever worked with a Cisco product or IOS.

          Anyways, I was reading something at one point about the switchport access vlan dynamic command and enabled it, but it was not the correct thing to do. Trunk port needs to be set to switchport access vlan. So I fixed that issue as I previously noted.

          Next, again being new, I followed a guide which told me to issue the ip address command under config of each vlan, i.e.
          Code:
          Switch1#show running-con int vlan3 
          Building configuration...  
          
          Current configuration : 61 bytes 
          ! 
          interface Vlan3 
           ip address 192.168.4.1 255.255.255.0 
          end
          This has something to do with using the switch to hand out IPs instead of your router, in my case pfSense. This was causing conflicts with pfSense. I issued the no ip address command to each vlan to replace that & then set each VLAN in pfsense to a static IPv4 range, & enabled DHCP for each interface to assign IPs. Now it works perfectly.

          Just make sure if using pfSense that the actual NIC interface isn't assigned that is trunking out to your switch. You should have under your assign interface tab, VLAN2 on NIC1, VLAN3 on NIC1, etc.

          Only your WAN interface should have NIC0 (MAC Address).

          Of course the proof is in the pudding. Here is my setup for the trunk (VLAN 2) & my server subnet (VLAN3), not shown, but I can access my server via Wifi which is on VLAN 4 port 33 on the switch. Pretty cool stuff.

          Code:
          Switch1#sh running-con int vlan2
          Building configuration...
          
          Current configuration : 38 bytes
          !
          interface Vlan2
           no ip address
          end
          Code:
          Switch1#sh running-con int vlan3
          Building configuration...
          
          Current configuration : 38 bytes
          !
          interface Vlan3
           no ip address
          end
          Code:
          Switch1#sh running-con int Fa1/0/1
          Building configuration...
          
          Current configuration : 237 bytes
          !
          interface FastEthernet1/0/1
           switchport access vlan 2
           switchport trunk encapsulation dot1q
           switchport trunk native vlan 2
           switchport trunk allowed vlan 2-4
           switchport mode trunk
           switchport nonegotiate
           spanning-tree portfast
          end
          Code:
          Switch1#sh running-con int Fa1/0/17
          Building configuration...
          
          Current configuration : 86 bytes
          !
          interface FastEthernet1/0/17
           switchport access vlan 3
           switchport mode access
          end
          Code:
          Switch1#sh int Fa1/0/1 trunk
          
          Port        Mode         Encapsulation  Status        Native vlan
          Fa1/0/1     on           802.1q         trunking      2
          
          Port        Vlans allowed on trunk
          Fa1/0/1     2-4
          
          Port        Vlans allowed and active in management domain
          Fa1/0/1     2-4
          
          Port        Vlans in spanning tree forwarding state and not pruned
          Fa1/0/1     2-4
          Code:
          Switch1#sh int Fa1/0/1 switchport
          Name: Fa1/0/1
          Switchport: Enabled
          Administrative Mode: trunk
          Operational Mode: trunk
          Administrative Trunking Encapsulation: dot1q
          Operational Trunking Encapsulation: dot1q
          Negotiation of Trunking: Off
          Access Mode VLAN: 2 (VLAN0002)
          Trunking Native Mode VLAN: 2 (VLAN0002)
          Administrative Native VLAN tagging: enabled
          Voice VLAN: none
          Administrative private-vlan host-association: none
          Administrative private-vlan mapping: none
          Administrative private-vlan trunk native VLAN: none
          Administrative private-vlan trunk Native VLAN tagging: enabled
          Administrative private-vlan trunk encapsulation: dot1q
          Administrative private-vlan trunk normal VLANs: none
          Administrative private-vlan trunk private VLANs: none
          Operational private-vlan: none
          Trunking VLANs Enabled: 2-4
          Pruning VLANs Enabled: 2-1001
          Capture Mode Disabled
          Capture VLANs Allowed: ALL

          Comment

          Working...
          X