Several VLANS and DHCP relay on two stacked switch SGE2000-G5
We were put to the task of securing a small desktop system managed that is currently set up with a standard switch for each of the offices (with different companies) to see each other and in some cases, access to each of the other documents on the network.
Obviously, this is far from adequate set up and our goal is to isolate each office using VIRTUAL networks, but share a common internet connection provided by managed offices. We have two switches for layer 3 Cisco SGE2000-G5, but we are new on Cisco equipment and VLAN, so we are not quite sure on how to implement this. DHCP must be provided by a router, there is no server. We are open to suggestions on the router as we still buy a.
I hope that someone may be useful.
Thank you very much
Jim
Hi Jim,.
SGE2000 switches you are using must be able to handle this without issue. What type of router you are using? As long as you have a router that will take in charge VLAN / several subnets, it should be a simple configuration.
Here's a quick run down of the measures to be implemented. (using vlan1 and vlan2)
On the router, create a vlan / subnet 2 and set the port to connect to your shared resources with the two VLAN 1 and 2 switch. (it will be untagged, two will be marked)
On the switch, create vlan2 and do the same for the port connected to the router. (vlan1 marked and tagged vlan2)
Now for each switch port that you want to assign the port access and vlan1 and vlan2. (this vlan will be without a label)
If your router allows, disable routing inter - vlan. If this isn't the case, you must create rules to block traffic from one network to the other.
All this happens under the assumption that your router can support VLAN and can also make DHCP for this VLAN.
Hope this information helps
Tags: Cisco Support
Similar Questions
-
I am trying to configure my Aironet 1121 G acess points with several VLANs, got the VLAN everything works great with wired devices, but wireless devices don't you DHCP.
Basically I have the BVI on my virtual LAN management and two other vlans that cross, try to have the public WiFi on 1 vlan and the two VLAN corporate with separate wifi. Impossible to get IPs on any of them though.
Vlnas are moved by a catlayst 3550 with addresses of assistance set up on all the VLAN interfaces.
DHCP comes from 2 boxes of windows on another virtual local network Server 2003
any ideas?
Hello
If I understand, you have plugged your access point to one of the L2 switch. I suggest you to set up your L3 (tandem switch) with pool dhcp to obtain the ip address for vlan respective first.
To set the dhcp pool in your L3 192.168.2.1.
create interface IVR and IP address assignment for the VLAN respective (which will act as a gateway of the vlan respective)
Repeat the same for all the VLANS.
Create the DHCP pool for the vlan respective and router by default with the ip address of L3.
AccessPoint#configure terminal
AccessPoint(config)#interface dot11radio 0
AccessPoint(config-if)#ssid .......give the name of your ssid
AccessPoint(config-if-ssid)#vlan ?
AccessPoint(config-if-ssid)#authentication open
AccessPoint(config-if-ssid)#end
AccessPoint(config) interface fastethernet 0.30
AccessPoint(config-subif) encapsulation dot1Q 30
AccessPoint(config-subif) exit
AccessPoint(config) interface dot11radio 0.30
AccessPoint(config-subif) encapsulation dot1Q 30
AccessPoint(config-subif) exitCheck if you have the ip address for the customers.
In case await you get the IP address of your external dhcp server...
try to give below command on each respective dot11Radio 0 subinterface "helper-... to give the dhcp server ip address here"
Please let me know if it works...
Thank you
Vinod
-
Cisco 1921 & SG500 VLAN and DHCP problem
Dear all,
Thank you in advance for taking the time to read this.
A little history:
I want to install a project for an athlete, which is unfortunately on a budget pretty tight with a potentially large quantity of network users (~ 200 without public WIFI). I need to separate the 5 groups of users and to give them all access to internet without see each other. 5 user groups also share the same bandwidth to the internet and VLANs must be controlled bandwidth.
To do this, I had planned to use Cisco devices built-in functions and buy a 1921 Cisco router as a switch of SG500.
I have configured the router for 8 subinterfaces is internal NIC with 8 VLAN. I also configured DHCP Pools 8 on the 1921 and set up NAT and firewall.
What I want to do now is have the SG500 to recognize the VLAN ID, I configured on the router (as well as on the switch using the same VLAN ID numbers), and then assign ports to the VLAN on the switch, and depending on where I plug into the switch, the device receives different IP addresses from DHCP.
However, I can't get this to work. The router works fine, the 'intact' if left switch gives me an IP address from the DHCP server on the IP address of higher network VLAN (I.e. 168.8.0). but I can not configure the switch ports correctly so that it works. I was also confused, is that dhcp pools that I have configured on the command-line command on the router do not appear in professional CP in the mask of the pool.
Can someone kindly check the configuration of the router and throw some guidance on how I need to configure the Ports on the SG500? I must say that I have had too many nights and I seem to confuse tagging, untagging, to exclusion and prohibiting the ;.)
I have the router for you here:
Thanks again and good night!
W.
Hi Wolfgang, for the sx500 configuration can be something like this
config t
database of VLAN
VLAN 2-8
int item in gi1/1/1
switchport mode general
switchport trunk allowed vlan add 2-8 tag
switchport General disable filtering of capture
For any client that connects must be no tagged coelio
So if you want a client access port then you should do something like 5 unidentified to this port
config t
int item in gi1/1/2
switchport mode access
switchport access vlan 5
-Tom
Please mark replied messages useful -
SG300 insert option82 in DHCP relay
Hey guys, anyone having trouble getting a SG300 series pass to insert information from option82? I have Working DHCP relay between two VLANs successfully, however, I want to identify where the client is connected in order to define their preferences for optimal routing.
switch-20-0#show ip dhcp relay
DHCP relay is Enabled
Option 82 is Enabled
Maximum number of supported VLANs without IP Address is 256
Number of DHCP Relays enabled on VLANs without IP Address is 1
DHCP relay is not configured on any port.
DHCP relay is enabled on Vlans: 20
Active: 20
Inactive:
Servers: 192.168.0.2
I have to you missing something simple. Any help, or even "Hey have you tried' type answers very much appreciated!
Hi Jonathan,.
To my knowledge, you have everything configured properly. I would try to set up packet capture on the switch to the position to interface to the DHCP server to see if the information is included in the DHCP Discover message.
-Good Trent
* Please note the useful messages! **
-
Several VLANS between 2 SG300-10
Hi all
I have 2 switches SG300-10, and I need two VLANs, one for the internal network and the other for WiFi AP.
I need ports 1-> 4 on both switches in order to be part of VLAN 1 and 5-2 8 > VLAN. and a 10 to the 2nd switch uplink port.
How to configure the VLAN and the interface mode VLAN?
1-> 4 vlan 10 port, port 5-> 8 vlan 20 and vlan port 10 10, 20 and 1? (assuming I have have VLAN 10 and 20 and 1 by default)
Ports 1-> 8 General mode and trunk of 10 port mode?
Thank you!
Hi Adrien, the first question is, what is your router?
To answer your question. Single host connection ports can be configured as any mode of port, but coelio is preferential. Links of connection between switches can be trunk or general with vlan 1 UNTAG, vlan 10 tag, tag vlan 20.
Cli command would look like this
config t
database of VLAN
VLAN 10.20
item in gi1-4 serial interface
switchport mode access
switchport access vlan 10
IG5-8 serial interface
switchport mode access
switchport access vlan 20
gi10 interface
switchport mode trunk
switchport trunk allowed vlan add all
-Tom
Please evaluate the useful messages -
WLC 4402 assign several VLANS to an SSID
Is it possible to have a SSID broadcast but separate customers by, lets say 7 different VLAN in the WLC? For example, each floor would be separated from its own pool vlan and DHCP, but they all connect to a SSID in the controller. From what I read, it seems that each vlan would receive its own SSID?
Sure. Take a look at "AP Groups". You want to also make sure that you have no purging of the adjacent floors, because you might have clients connected to the APs on the floor above or below and who could shake your roaming.
-John
-
SGE2010 - traffic relay and DHCP configuration
Hei
We bought just a switch SGE2010 we want to use to replace the switches in the control panel of our office. So far I managed to access the switch and assigned a static ip.adress on our net, but I can't get to our entry point switch relay traffic. I have a test machine that is configured with a static IP as well and tried the ok sign, but as soon as I put the switch between traffic is not relayed.
The idea was to use this switch as a DHCP as well. But I thought it would be a start to get at least the traffic relayed before starting the dhcp part.
Only configuration settings I have done factory settings are the following: (note that the IP is slightly adjusted, but consistent for reasons of confidentiality)
Configuration of the IP4
- Assigned to a static ip address: 95.59.69.148
- Assigned a subpattern: 255.255.255.192
- Assigned to a user-defined gateway: 95.59.69.129
DNS configuration
- Assigned to an ip address dns address: active 95.59.0.100
- Assigned to a dns ip address: 95.59.0.200
All these settings are the default settings that we use when we assign a server with a static ip address, so it is not a pick up of our filtration dhcp server. So my main question is why on earth isn't it relay traffic?
In addition, we are interested to kill the former (with stones, I hope) dhcp server and dhcp on the sge2010 configuration. The current dhcp is an operating system. X dhcp server (Yes a mac) with the following configuration:
- (Dynamic ip) subnet
From ip: 95.59.69.179
Ending ip: 95.59.69.190
Subnet: 255.255.255.192 - Router ip: 95.59.69.129
Rental time: 3 hours - The range 95.59.69.130 to 95.59.69.149 we set up manually on the servers, hardware, etc.
- DNS server: 95.59.0.100 & 95.59.0.200
Default search domain: No. - dns - available.example.com - And then we have a group of static mappings to Mac-addresses
ip address: 95.59.69.150
IP: 95.59.69.178
I tried to see in the configuration where I could the mappings static spesify range etc, but I can't say it got me anywhere. So my second question is how to install a server dhcp of Eric as a designated above?
It's nice to finally convince the CEO to move the dhcp to a better metal, but it's not as nice having a hard time setting up. I would apprecitate every possible leeds and suggestions since I'm kinda stuck.
Thanks in advance
Rafn.R
Hello
My SGE2000P forwards DHCP requests on my DHCP server.
I used my default VLAN1 as an interface routed to unicast request DHCP relay on my server (router ISR UC520) that resides on that VLAN 1.
My interface Vlan 1 on my SGE2000P has an IP 192.168.10.254.
My gateway address for potential hosts in VLAN 2 IP will be the ADDRESS IP I AI ASSIGNES to VLAN 2, because the PC or the IP hosts connected to VLAN2 will use IP VLAN2 interface as the gateway. It's just how it works!
Hosts of PC on VLAN 2 need of a default route and they use the IP I assigned to VLAN2 as their next jump out VLAN2 on the real world.
This address can be seen below.
DHCP relay is enabled with the option 82
I chose VLAN2 as an interface VLAN, as shown below.
I have two ports not signposted in the VLAN2, and I joined an IP host to G1 so that I can test the DHCP relay.
I get the following debug output from my dhcp server, so I know the relay is working.
002624: 19:40:08.575 Dec 5: DHCPD: looking for expiry of the leases.
002625: 19:40:58.408 Dec 5: DHCPD: DISCOVER notification to:
002626: 19:40:58.408 Dec 5: DHCPD: htype 1 CHADRR 0025.84d8.d008
002627: 19:40:58.408 Dec 5: DHCPD: id remote 020a0000c0a80a0101080001
002628: 19:40:58.408 Dec 5: DHCPD: id circuit 00000000
002629: 19:40:58.408 Dec 5: DHCPD: see if there is a specified internal pool class:
But I must confess that I have opened a case on it with the Small Business Support Center, because I think I can see something wrong on my DHCP server debugging.
But the key is that I see the router WAN/DHCP server, see the query from DHCP.
The only way to the broadcast DHCP requests can get to the DHCP server, if the switch SGE2000P takes these DHCP broadcast requests and unicast these or relay to my server DHCP IP address 192.168.10.1.
So in other words he tries to relay DHCP.
I would ask you to please check the SGE2010 Administrator's guide because it clearly shows how to configure the DHCP on the SGE2010 relay.
Even if the screen capture shows and the old version of the code below. I have day my SGE2000P tonight at the generally available (GA) version of the code.
Just outa interest, if you telnet to the switch, is your mode of layer 3 or Layer 2 switch.
I can also say from your screenshot that your uplink ports are in overlay mode.
Maybe if you don't use stacking, you can set your switch to the layer 3 mode and standalone mode
Best regards, Dave
-
WRVS4400Nv2 DHCP Relay on 2nd VLAN
Hello
Here's what I'm trying to understand:
My network is set up such that I have a wireless network in the VLAN 1, which is the main network we use. The subnet is 10.5.1.x.
My goal is to set up a wireless network completely isolated comments, but it would work better. What I'm trying to do now, is that I created a VLAN separated (VLAN 2, ranging 10.5.2.x IP) and activated DHCP on the WRVS4400N. However, in comments network, he is always picking up a 10.5.1.x IP which will be distributed by the server DHCP (10.5.1.5, Win 2003) and yet all traffic to our private network routing.
Here's what I put:
Wireless > security settings > network (SSID 2) comments
- Wireless Isolation (between w/o SSID VLAN): enabled
- Insulation (within SSID) wireless: enabled
Setup > LAN > VLAN 1
- Router IP 10.5.1.1, CAMERA IP WiFi 10.5.1.3
- DHCP relay for 10.5.1.5
Setup > LAN > VLAN 2
- 10.5.2.1 IP router
- DHCP enabled for the subnet 10.5.2.x
- Relay DHCP option is grayed out (don't know why)
Setup > Advanced Routing
- Routing inter - VLAN: disabled
A way to solve this problem would be nice. I don't want traffic through our internal network. Ideally, if I get Windows server to distribute addresses of 10.5.2.x, it would be perfect, but I do not know how to configure it for such.
If anyone has any ideas, that would be great-thanks!
Matt
Yes... Here is an answer I got Cisco engineering support:
The issue you reported is a known problem.
Engineering and development are aware of this problem and provided the following information:DESCRIPTION OF THE PROBLEM:
If the WRVS4400N is configured with multiple VLANs, and these VLANs are mapped to different SSIDS, the user cannot use an external DHCP server to provide IP scopes for these VLANS.
Hosts connected to two SSID will get the native DHCP server IP address only.
The workaround for this is to use the DHCP server integrated for all the VLANS defined on the WRVS4400N.Note: This is not a bug but rather a limitation of product. The developer confirmed that the WRVS4400N works as expected.
A difficulty regarding:
Because of the wireless switch port and the trunk by using different chipset, it is not possible to provide a fix for this problem.
In the future, engineering & product Dev teams will try to use the same chip set (same provider).
This feature has been targeted for the next new product. No solution will be on the current hardware.Note: If this function is vital for your deployment and you want to recover the cost of the WRVS4400N, please send the serial number and a copy of your proof of purchase and we will gladly provide a refund.
Best regards
Alex Delano
-
PowerConnect 5448 several VLANS between upstream and downstream server firewall
I am struggling with what I thought, would be a simple task: route several subnets, each on one VLAN different, a firewall to a server. In fact, I can't even pass the VLAN by default one still looking correct in the address tables and STP.
Port 1 = firewall, VLAN 1 unidentified, 2 VLAN Tag, 1 PVID, tried the two trunk and general patterns
17 = server NIC, VLAN 1 unidentified port, VLAN Tag, PVID 1 and 2 2, tried, tried both safe and general patterns
VLAN 1 (firewall untagged) 10.84.195.0/24, 10.84.195.2 Interface IP and default gateway 10.84.195.1
VLAN 2 (tag of firewall) 10.101.0.0/16, IP Interface 10.101.0.2 for 2 VLAN, firewall est.1
The first thing I got was that something has not been properly marked by (Hyper-V, using SC VMM 2012 SP1) server or the firewall (Watchguard XTM 520). Simple test: VPN Firewall, ping the switch to 10.101.0.2 with the tag, and works, remove the label and it doesn't. Dynamic address table shows the two-way firewall. Line 18 below appears right after the ping as planned on VLAN 2 with the same MAC address in VLAN 1. In addition, I ping the switch 10.101.0.2 from the server and it works fine. The table shows that VLAN 2 from the host (and 1 other VM), so it seems to me that everything is properly labeled.
15 VLAN 1 00907f8f571b G1 16 VLAN 2 00155d1f1b07 G17 17 VLAN 2 001dd8b71c01 G17 18 VLAN 2 00907f8f571b G1 What I can't do, is ping through the switch to VLAN 2. I can't ping my VPN server (10.101.20.1), and I can not ping to the gateway (10.101.0.1) from the server. Note, it is not because of rules to firewall on each end.
What Miss me? I don't think I need a routing of layer 3 here, I don't have to go through VLAN, just have them several VLANS passes from one port to the other.
Other things to note in case it is useful:
-I have no connectivity not tag with everything else through the 10.84.195.xxx/24 switch.
-If I delete the Tags VLAN port 2 1 trunk, I suddenly can ping the bridge VLAN 2 (10.101.0.1) from the server, although I suspect that it is because the same port is the default gateway for the switch.
-For brevity, only 2 lines of the STP are listed below, but all ports are therefore based on the question of whether they are connected or not.
G1 activated 128.1 Frw Desg P2P (STP) No. 4
G2 activated 128.2 Dsbl Dsbl No. 100.-Latest firmware installed.
-In addition, for people concerned about their security, I want to remove use VLAN by default in the future.
Would it be possible for run you to stick your show output here in the forum. In this way, we can take closer look at what you have configured.
If you connect a desktop/laptop computer (with and intellectual property in the 10.101.0.0/16 range) in a port with the mode of access switchport VLAN 2 are you able to ping IP Interface 10.101.0.2 for 2 VLANS? You could try to disconnect the firewall and the configurations for the port and work on getting through the switch with 2 terminals on a single VLAN. Then, once this is confirmed as work connect the firewall back up with a trunk/general mode adding the VLAN necessary.
You connect to the firewall on a layer 3 interface? You need Layer 3 routing to reach the firewall correctly.
-
several subnets by VLANS and ports link
Hello
I need some clarification.
Our iSCSI SAN storage (Dell MD3660i0 requires a separate subnet by port.
We require paths multiple access and balancing in VMware.
To achieve this in ESXi 5.1 we need binding ports... BUT the binding of ports is supported only if the vmks are all in the SAME domain in accordance with these two KBs broadcasting
VMware KB: Considerations for use binding software iSCSI ports in ESX/ESXi
OK... probably so I simply put my all subnets in ISCSI storage in one VLAN and everything will be ok (one VLAN is after all a broadcast domain, both are stuff of L2)... This would respond to the requirements of KBs... If VMware means "area of distribution" in the true sense of the term.
So my question is can you configure the port in this way binding? It is supported by VMware?
VMware has come back to me (in fact the author of one of the kb/s I've referenced)
He confirmed that the terminology used in the KB is misleading and "broadcast domain", it actually means "subnet" so not layer 3 layer 2.
This means that you can NOT have multiple subnets in a broadcast domain (VLAN) AND use the SW iSCSI port binding.
BUT
He told me (he is very familiar with the Dell MD3660i iSCSI kit), you don't have to have binding of ports to achieve several Multipathing and load balancing. If you have a requirement for several subnets of your iSCSI SAN provider then just create multiple vmks on different subnets, and DO NOT make the port binding. The fact that they are on different subnets will be enough to achieve the multiple paths
It updates the KB to make this much clearer.
I hope this helps someone
-
I worked on a large document for several years and all of a sudden I can't scroll to the bottom of the screen with my two fingers on the touchpad, well that I have no problem scrolling to the bottom of this page to search for similar issues. I can navigate only to go up and down with the arrow keys.
What version of Pages is running on your MBP?
What version of Mac OS X is running on your MBP?
The MBP is not iOS running.
-
I inherited a network with a dhcp/DC with two network cards, 1 for the data network and the other for the vlan voice.
I know this is an unsupported configuration, and I want to get rid of the adapter for the vlan voice. I have to make sure that dhcp is working on the vlan voice.
Network is made up of a stack of PowerConnect 70xx switces.
My question is what must be configured on the stack. There are so many options... IP helper, relay DHCP, ect...
If the switch is in mode Layer 2, then use l2relay DHCP commands. If it is in Layer 3 mode, then you use the controls to support IP. If in layer 3 mode make sure VLANS routing is turned on.
Console #config
Console (config) #ip Routing
Console (config) #interface vlan 2
Console (config-if-vlan2) #routing
Console (config-if-vlan2) #exit
Console (config) #interface vlan 3
Console (config-if-vlan3) #routing
Console (config-if-vlan3) #exit
Console (config) #interface vlan 4
Console (config-if-vlan4) #routing
Console (config-if-vlan4) #end
Hope this helps,
Thank you.
-
Battery M8024-k (pair) M3048 (pair) battery gal, VLAN and port groups?
Hi all
I'm getting more confused by the minute. I have a pair of M8024-k blade switches in a M1000e enclosure, outside, I have a pair of N3048 switches.
I think I have the job of stacking on the M8024-k, but I found a configuration guide for Simple mode that says take port 17-20 outside the Group of ports on the pair aggregation and leave the stack ports and internally in the PA Group. When I do that they remain outside the group, if I do it in the CLI or the GUI.
Does anyone have a configuration guide that shows how I can pair trunk the 2 together and allow 4 VLAN that I keep coming without access to blade servers inside? What I get out of simple mode on the M8024-k to achieve?
Any help gratefully received.
The best source of information is going to be the user guides.
I would wear the 8024-k off simple mode.
Console
# not simple mode On two batteries, you will need to aggregate 4 ports together. Here is an example to place a port in an aggregation group.
Console (config) # interface gigabitethernet 0/1/5
Console (Config-if-1/0/5) # channel-group mode 1 (active / Auto)
Once the ports are in a channel-group 1, we can then configure the channel group to perform for several VLANs.
Console (config) # interface port-channel 1
trunk mode console (config-if-po1) #switchport
#switchport console (config-if-po1) trunk allowed vlan add 2-150
This is done, you should have connectivity.
Keep us informed.
-
Hello
The RV042G takes by acting as a DHCP server on several local networks virtual (or alone)?
Im going to set up three separate VLAN (no routing between the two) and want the router to provide addresses on all three VLAN (different subnets). The RV042G will do the job?
Appreciate any input
/ Claes
Paindivine,
Please refer to this previous post.
https://supportforums.Cisco.com/discussion/11576126/RV042-multiple-subnets
-
1252 config several VLAN trunking on ethernet not
Hi all I am new to these forums, but have read some posts on configurations for an AP from 1252 to switch 2950.
I have several VLANS andmultiple SSID configuration on my ap. The switch knows the VLANS on the access point
I think that in the config.
When I put the 2950 in trunk mode on the port, the ap is conencted too, I can see no longer the access point. And none of my ssid / VLAN traffic through the stem net ether to the switch. I think I have a problem with the config of the ap specifically either in the British Virgin Islands (do not understand this virtual port) or in bridge groups. (Never worked with foredeck groups.)
The AP is in stand-alone mode.
Here is my config on the side of the ap.
interface Dot11Radio0
no ip address
no ip route cache
!
the cipher mode vlan 300 encryption tkip aes - ccm
!
broadcasting-key vlan 300 change 600 members-notice change in capacity
!
!
SSID 101
!
SSID 300
!
countermeasure tkip duration of maintaining 120
gain of antenna 0
Base-1 speed, 0 2.0 5.5 11.0 6.0 12.0 9.0 18.0 24.0 36.0 48.0 54.0 m0. M1. M2. M3. M4. M5. M6. M7. M8. M9. M10. M11. M12. M13. M14. M15.
root of station-role
Bridge-Group 1
Bridge-Group 1 block-unknown-source
No source of bridge-Group 1-learning
unicast bridge-Group 1-floods
Bridge-Group 1 covering-disabled people
!
interface Dot11Radio0.100
encapsulation dot1Q 100
no ip route cache
Bridge-group 100
100 block-unknown-source bridge-group
No source of bridge-group 100-learning
No bridge group 100 unicast-flooding
Bridge-group 100 covering people with reduced mobility
!
interface Dot11Radio0.300
encapsulation dot1Q 300
no ip route cache
Bridge-group 255
Bridge-group subscriber-loop-control 255
Bridge-group 255 block-unknown-source
No source of bridge-group 255-learning
No bridge group 255 unicast-flooding
Bridge-group 255 covering people with reduced mobility
!
interface Dot11Radio1
no ip address
no ip route cache
!
the cipher mode vlan 300 encryption tkip aes - ccm
!
broadcasting-key vlan 300 change 600 members-notice change in capacity
!
!
SSID 101
!
SSID 300
!
countermeasure tkip duration of maintaining 120
gain of antenna 0
DFS block 3 Strip
Speed - Basic6.0 9.0 12.0 18.0 36.0 24.0 48.0 54.0 m0. M1. M2. M3. M4. M5. M6. M7. M8. M9. M10. M11. M12. M13. M14. M15.
channel SFR
root of station-role
!
interface Dot11Radio1.100
encapsulation dot1Q 100
no ip route cache
Bridge-group 100
100 block-unknown-source bridge-group
No source of bridge-group 100-learning
No bridge group 100 unicast-flooding
!
interface Dot11Radio1.300
encapsulation dot1Q 300
no ip route cache
Bridge-group 255
Bridge-group subscriber-loop-control 255
Bridge-group 255 block-unknown-source
No source of bridge-group 255-learning
No bridge group 255 unicast-flooding
Bridge-group 255 covering people with reduced mobility
!
interface GigabitEthernet0
no ip address
no ip route cache
automatic duplex
automatic speed
!
interface GigabitEthernet0.51
51 native encapsulation dot1Q
no ip route cache
Bridge-Group 1
No source of bridge-Group 1-learning
Bridge-Group 1 covering-disabled people
!
interface GigabitEthernet0.100
encapsulation dot1Q 100
no ip route cache
Bridge-group 100
No source of bridge-group 100-learning
Bridge-group 100 covering people with reduced mobility
!
interface GigabitEthernet0.300
encapsulation dot1Q 300
no ip route cache
Bridge-group 255
No source of bridge-group 255-learning
Bridge-group 255 covering people with reduced mobility
!
interface BVI1
IP 10.131.10.70 255.255.255.0
no ip route cache
!
51 of VLAN is what I'm trying to trunk more. VLAN 100 is my networks vlan normal almost everything at the moment. And my attempt to secure traffic wireless to a new vlan Vlan 300 more course on my local network.
VLAN 51 has no ip address range
IP VLAN 100 range is 10.131.10.0
10.131.11.0 between 300 VLAN
The routing goes to my switch 3750 core / router, but the access point is conencted to a 2950 namely shared resources to my layer distribution on a stack of 2975. Once again the vlan 300 works on the 2975 stack and will pull dhcp if it is enabled. Have not tried this on the 2950 yet, but I suspect it will also work based on the setting of the trunk on the s950 battery of 2975.
In any case, I want to be able to do is have multiple VLANs configured on the AP (from most secure to least guarantee based on the capabilities of the equipment) and that traffic vlan tag go to my 3750 possibly for other guidelines.
Here, any help would be greatly appreciated.
Thank you for taking the time to read this.
Sincerely,
Kevin Pulford
Systems administrator
Harmon city, Inc.
Yes, remove the vlan 51 can tell vlan 100 is the native, and there will be a link to bridge - Group 1. Then change the switch port to vlan 100 native. You should then be able to reach the access point via telnet/GUI.
orders will be:
config t
No int dot11radio0.51
No int dot11radio1.51
No int g0.51
int dot11radio0.100
100 native encapsulation dot1q
int dot11radio1.100
100 native encapsulation dot1q
int g0.100
encapsulation dot1q 100 natively.
To be sure, save reboot and wr mem.
Maybe you are looking for
-
How to set the text bigger? Help.
Want more text on the screen. Besides that I printed everything has been very itsy bitsy... much smaller than on the screen.
-
10.0 Firefox says it's not compatible with Norton Toolbar, and Norton 360 Identity Safe. We recently had with upgrade to Firefox 9.0. CAN the Norton update/solution provided for Firefox 9.0. somehow be incorporated into 10.0?
-
Slow download speed after downgrading to Windows 7 64 bit
Hi all! I'm new here! My first laptop is a Toshiba Satellite since 2003. Since then, I got one couple of others.Now I bought a new: Satellite P70-A-11V, a portable professional high-end computer, which came with Windows 8, which I upgraded to 8.1. Un
-
Scan to PDF - what version of Adobe?
Series 3050 all-in-One HP offer the option to scan a hard copy in .pdf, right? Do I need to have Adobe Pro installed to get it going, or the free Reader software will suffice? (We use Reader X on Windows Vista Home and 7 Home Premium here.)
-
Movie Maker import does not .mp3?
During the years that I was able to import audio files .mp3 in Movie Maker, it will not and it does not give me an error code. There are a few other new steps I need to do?