vlan - Page 3 - Developer IT

DHCPOFFER delay VLAN

- by john883

I have configured two VLANs [ 15 and 16 ] and a trunkport on a Cisco Catalyst 2960. The trunkport is connected to eth2 on a Linux server The server is configured to support VLAN's and the interfaces eth2.15 eth2.16 is configured with ip addresses on two different subnet. dhcp3-server is running on the same server and hands out IP-addresses to the VLANs. When connecting a client to a port that is configured in ex. VLAN 15 and requesting a IP-address, i experience a long delay before recieving a DHCPOFFER, around 30 seconds or so, the client needs to send a DHCPDISCOVER about five times but will always recieve a DHCPOFFER. Any suggestion why this delay is happening?

Read the article

Vlan Tagging at Access Port in Switch

- by singh

I'm Confused from the fact that Vlan tagging is done at access port and trunk port always gets tagged packets (until its case of native vlan).But I still believe in other fact which says tagging happen only when a frame hit the trunk port which means trunk port gets untagged frame and tagging is not possible at access port. Would like to know where actually this tagging happens ? and also which command we can use to encapsulate 802.1q protocol to access port ? The way we do at trunk port is switchport trunk encapsulation dot1q Is the above command applicable for access mode also?

Read the article

VLAN Configuration Conflict, Who Wins?

- by Kevin

I'm new to VLANs, so take that into consideration... Lets say that I had a server set up to create a virtual interface that is set to be tagged as VLAN 3. For example, the following Debian config: iface eth0.1 inet static address 192.168.1.1 netmask 255.255.255.0 Now on my switch, lets say that I have the port that the aforementioned server connects to, set to VLAN 4... Who wins? What are the packets tagged as, as viewed by the rest of the network?

Read the article

HP Procurve Issue Passing Multiple VLANs over a link

- by MichaelRwat

Just to start off with I am a Cisco guy that got placed into an HP project. Basic topology overview from outside in: ASA 5505 with two Ethernet connections to a 2910-24 port switch. This switch is then (Cisco Trunking) to a 2626 switch passing vlan (1 untagged and 100 tagged)between them. I created SVI's on each of the switches for both VLAN's for testing purposes. I can not get vlan 100 to pass across this link. I also have trunks configured to AP's off of the switch and can not ping the vlan 100 BVI on the AP's but can reach the vlan 1 BVI. Port 25 on Access layer (2626) connects (trunks) with port A1 of 2610. STP is not running at all on any switch (this is not my network I can't change this nor did I design this) Distribution Sw: MP1-0# show run ip default-gateway 10.100.100.100 vlan 1 name "DATA" untagged 1-22,24-A1,B1 ip address 10.100.100.6 255.255.255.0 no untagged 23 exit vlan 100 name "GUEST" untagged 23 tagged 24-A1 ip address 10.100.102.6 255.255.255.0 exit Access Sw: ip default-gateway 10.100.100.100 vlan 1 name "DEFAULT_VLAN" untagged 1-26 ip address 10.100.100.5 255.255.255.0 exit vlan 100 name "GUEST" ip address 10.100.102.5 255.255.255.0 tagged 15,25 exitt From the ASA I can ping the vlan 100 address of the 2610 but not the 2626 (10.100.102.6)[Not passing the "trunk"] If I plug into an access port vlan 100 of the 2626 I can ping the SVI for vlan 100 as intended. I can not ping across the "trunk" over vlan 100 but I can across vlan 1. There may be something obvious I'm missing but please review my configuration and thank you for the assistance.

Read the article

Any program to help me check whether an ethernet channel can support full-length VLAN packet?

- by Jimm Chen

Sometimes, I have to face such a situation that I need to quickly and explicitly know whether a full length VLAN packet can traverse between two RJ45 ports. Yes, I mean 802.1Q ethernet frame with Etype=81 00 (diagram below). What I can do now is: Get two Windows PCs, for each PC, intall Intel Gigabit NIC and Intel specific driver to create a virtual NIC, with VLAN ID=3 assigned. Then connect the two PCs to each of the two RJ45 port. Finally execute ping to generate a full-length ethernet packet. ping -f -l 1472 <dest-IP> This way, I can be sure that the sent packet has the maximum "IP data payload" of 1500 bytes(8 bytes of ICMP header and 1472 bytes of ICMP data). If the ping gets reply, I know that the ethernet channel support full-length VLAN packet. From my experiment, some home switch or broad band routers(e.g. Linksys WRT54G) does not support full-length VLAN packet switching, so only ping -f -l 1468 succeeds. You see, I have to use an expensive Intel NIC to carry on that test, quite inconvenient. You know, for most laptop today, they do not equip an Intel NIC, and, even it is an Intel NIC, Intel VLAN driver, Intel has limitations on the models on which VLAN driver can be installed. So, my question is: Is there a small program that can let me send a full-length VLAN packet without installing a dedicated VLAN driver? Or better, the program has a stock feature that does the very job for my situation. Windows programs preferred, Linux solution welcome. Simpler the program, the better. Thank you.

Read the article

Cisco VPN endpoints disconnecting from a VLAN

- by dunxd

I have a number of Cisco ASA 5505 and PIX 506e around the world acting as VPN endpoints. They connect to a Cisco VPN Concentrator 3000 at HQ. I am using EZVPN to set up the VPN (i.e. most of the config is central on the VPN Concentrator) The majority of endpoints work absolutely fine. However, there are three that do not. 2 ASAs and 1 PIX get disconnected from one of the VLANs on our network. This is the VLAN that my monitoring server runs on - so those endpoints look as if they have gone down. However, I can still ping the endpoints from our user VLAN. If I then SSH onto the endpoint, and do a ping to my monitoring server, the connection comes back. Then after about 10 minutes it stops working again. I've looked at the configuration of my endpoints, and I can't see any significant differences. One common feature is that the affected endpoints are connecting to the internet via retail quality routers. However, I don't see how this could affect traffic within a VPN tunnel. Any ideas or suggestions? I've also got a thread on Cisco's forums at https://supportforums.cisco.com/thread/344638. One other person has reported the same problem.

Read the article

Inter-VLAN Malicious Code Scanning

- by Jackthedog

I am trying to find an inbuilt solution on a Cisco Catayst 3750X Switch to scan all traffic routed from one VLAN to another for malicious code. The situation is that we currently have a development environment which is currently being redesigned to upgrade the network infrastructure to use the 3750X switches to manage server and workstation connectivity as well as inter-VLAN routing. We also have another system that is responsible for taking the builds created on the development environment and imaging various HDDs. Because these are two separate systems, we have a requirement in the workplace to anti-virus scan any data transferred between these systems. This is done by copying the data from the originating system to external USB HDD, scanning in a standalone workstation and then copying the data on to the receiving system. As you can imagine this is extremely tedious and impractical most of the time... (I don't make the rules). Anyway, with this redesign going on, we would like to join the imaging system to the network infrastructure of the development system, keeping separation by the use of VLANs and restricting traffic by using ACLs. As we still have the requirement to scan all traffic I would like to configure some sort of malicious code scanning when ever traffic is routed between these VLANs. I am aware I could install a separate in-line IPS/IDS device, however both systems will be using multiple ports on the switch (obviously), and we won't be able to put a device on each port. I would would prefer not to add additional hardware if the 3750x switch is capable of doing the job. Is anyone aware of any Cisco solution that I could use here, that ideally can be incorporated into the 3750x switch? Thanks in advance.

Read the article

KVM guest VLAN aware problems

- by baraka

Hi, We are using Centos 5.5. as KVM host. It has two nics. One for management and the other one for services. As we have services in multiple vlans this nic is configured as a 802.1Q trunk. Any VM must be able to have access to any vlan, so host trunk interface is bridged to its tap interface and vlan is configured inside VM. Everything works fine while there is not heavy traffic. I can not find any log on guest or host, but, after some certain sustained big file transfer (about 6Gb) bridging stop working. Other guest on the same host continue working without problems. tcpdump on bridge interface is Ok, but on guest tap inferface I can see only outgoing traffic. Restarting bridge or rejoining tap interface doesn't provide any clue. Rebooting guest turns on bridge again. Bridge configuration is minimal: just addbr and addif (no stp). Any idea welcome!

Read the article

Linux VLAN Bridge

- by raspi

I have home network with VLANs, one for LAN, one for WLAN and one for internet. I'd like to use bridging so that instead of configuring these same VLANs to every machine, they had own VLAN ID and bridges were LAN, WLAN and internet. I've tried it but for some reason keep-alive/ttl seems to get broken because SSH sessions etc suddenly disconnects. We have this same setup working in workplace for 4+ years with 100+ customers but it's custom firewall/router hardware so accessing it is impossible. I know that it runs Linux. So what is Debian/Ubuntu default network settings doing wrong or is it just NIC driver/hw problem? I've tried to mess araund with ttl etc settings without any luck. The bad stuff is happening in the bridge because current VLAN-only setup works fine. interfaces: auto lo iface lo inet loopback # The primary network interface allow-hotplug eth0 allow-hotplug eth1 iface eth0 inet static iface eth1 inet static auto vlan111 auto vlan222 auto vlan333 auto vlan444 auto br0 auto br1 auto br2 # LAN iface vlan111 inet static vlan_raw_device eth0 # WLAN iface vlan222 inet static vlan_raw_device eth0 # ADSL Modem iface vlan333 inet static vlan_raw_device eth1 # Internet iface vlan444 inet static vlan_raw_device eth0 # LAN bridge iface br0 inet static address 192.168.0.1 netmask 255.255.255.0 bridge_ports eth0.111 bridge_stp on # Internet bridge iface br1 inet static address x.x.x.x netmask x.x.x.x gateway x.x.x.x bridge_ports eth1.333 eth0.444 bridge_stp on post-up iptables -t nat -A POSTROUTING -o br1 -j MASQUERADE pre-down iptables -t nat -D POSTROUTING -o br1 -j MASQUERADE # WLAN bridge iface br2 inet static address 192.168.1.1 netmask 255.255.255.0 bridge_ports eth0.222 bridge_stp on Sysctl: net.ipv4.conf.default.forwarding=1

Read the article

Best way to segment traffic, Vlan or subnet

- by thebird

We have a medium sized network of around 200 nodes and are currently in the process of replacing old daisy chained switches with stack-able or chassis style switches. Right now our network is broken up via subnet; production, management, IP, etc each on a separate subnet. Does anyone have an opinion on whether creating Vlan's instead of subnets would be more beneficial? Our general goal is to prevent bottlenecks, separate traffic for security, and to manage traffic with more ease.

Read the article

Vlan on astaro 120

- by Crash893

(I'm not 100% sure where networking/router questions go this is my best guess) I have a astaro (sophos) white UTM 120 router for work I also have about 11 Voip phones with an externaly hosted pbx (company name = pingtone) Is there any advantage to setting up the phones on a vlan vs making a qos rule that all traffic to my tftp server gets right of way? networking is still a little soft to me Thanks

Read the article

Vlan and Switch setting - dummy

- by Andras Sebestyen

I need to speak tomorrow the network engineer and I would like to understand his so apologise for the Dummy question: In the school we have a cab with a 24 port Netgear manageable switch with an admin and curriculum VLAN settings. Usually, as I over heard, in the morning and around 4.30pm there are a slowdown period on the computers which connect to this switch. No one could track this back yet. Questions: What is the best way to track back this slowdown Would it be a temporary solution to physical separate the two network with 2 switches If that would work how can I link them together to be able to see the curriculum from the admin side. Do I need an extra router then? Too many questions but I have no clue where to start and the gentleman will be paid by hours... can you see where I am coming from?:) Could you guide me in the right direction please? Any comment would be appreciated and please send links if you down vote the question:)

Read the article

Error while trying to configure VLAN with Open vSwitch

- by Abhishek Chanda

I am trying to connect a number of VMs using Open vSwitch. The VMs are on two separate physical boxes. Here is what I did: Created two tap devices on one physical host sudo ip tuntap add mode tap tap0 and same for tap1 Bring them up sudo ip link set tap0 up Add them as ports to Open vSwitch (br0 was created as a OVS bridge previously) sudo ovs-vsctl add-port br0 tap0 tag=1 Now I booted the VMs (using VirtualBox) and assigned addresses 192.168.122.11 and 192.168.122.12. Now when I try to ping one VM from another, I get the error Connect: network is unreachable. Since both VMs are connected to the switch on the same VLAN, I expect to be able to ping one from another. What is going wrong here?

Read the article

Is A Managed Switch With VLAN Support Required

- by Justin

Hello, I am wondering if I need to buy a switch which is managed (VLAN support) for my configuration, or will a cheaper unmanaged switch work? I have servers with two NICS each. The first NIC is public and the second NIC is private. The router will plug into the switch port 1 let's say (public). Then server 1 public plugs into port 2 on the switch, and sever 1 private plugs into port 3 on the switch. The public interface is: 192.168.X.X / 255.255.0.0 and the private interface is 10.0.X.X / 255.255.0.0. So looks like: ** SWITCH ** Port Device Network 1 Router/Firewall 192.168.X.X 2 Server 1 Public 192.168.X.X 3 Server 1 Private 10.0.X.X 4 Server 2 Public 192.168.X.X 5 Server 2 Private 10.0.X.X 6 Server 3 Public 192.168.X.X 7 Server 3 Private 10.0.X.X Thanks.

Read the article

Set up layer 2 vlan between 2 data centres

- by user41679

Hello, Our data centre provider operates 2 sites, and we currently have equipment in one and would like to have equipment in the second. They've told me that they operate a layer 2 vlan between the 2 sites over a 20gbit connection, and that they'd just give me ethernet cable at each end to connect the locations. At the current site, we have Cisco 2960 48TC-L switches, all the machines are on a 192.168.x.x subnet and we have cisco firewalls with which we connect to our internet provider with. My question is what would I need to do to connect the 2 sites? could I just plug the ethernet cables the provide into the cisco switches, and have the same switches the other end? would I need to set up a separate internal network on the other side and connect both through the firewalls? Would the cisco switches need special configuration? We expect to maintain a number of connections between the 2 sites, and each site would have its own internal dns name like dc1.xx.com. Sorry if I'm being vague or haven't included enough information, I've a fairly good knowledge of hardware but we're down a netops guy at the moment and I'd like to get both sites on-line ASAP! Thanks in advance!

Read the article

Configure vlan on Netgear switch via SNMP

- by Russell Gallop

I am trying to configure vlans on a netgear GS752TSX from the Linux command line with netsnmp. I have created vlan 99 on the web interface now want to control the pvid settings, egress and tagging. I have identified these as the MIBs I need to change: dot1qPvid.<port> dot1qVlanStaticEgressPorts.99 dot1qVlanStaticUntaggedPorts.99 Pvid works as I expect: $ snmpset -r 1 -t 20 -v 2c -c private <switch> dot1qPvid.17 u 99 Q-BRIDGE-MIB::dot1qPvid.17 = Gauge32: 99 $ snmpget -r 1 -t 20 -v 2c -c private <switch> dot1qPvid.17 Q-BRIDGE-MIB::dot1qPvid.17 = Gauge32: 99 and so do the egress ports: $ snmpset -r 1 -t 20 -v 2c -c private <switch> dot1qVlanStaticEgressPorts.99 x 'ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00' Q-BRIDGE-MIB::dot1qVlanStaticEgressPorts.99 = Hex-STRING: FF FF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 $ snmpget -r 1 -t 20 -v 2c -c private <switch> dot1qVlanStaticEgressPorts.99 Q-BRIDGE-MIB::dot1qVlanStaticEgressPorts.99 = Hex-STRING: FF FF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 But untagging the ports doesn't seem to remember my setting: $ snmpset -r 1 -t 20 -v 2c -c private <switch> dot1qVlanStaticUntaggedPorts.99 x 'ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00' Q-BRIDGE-MIB::dot1qVlanStaticUntaggedPorts.99 = Hex-STRING: FF FF FF FF FF FF 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 $ snmpget -r 1 -t 20 -v 2c -c private <switch> dot1qVlanStaticUntaggedPorts.99 Q-BRIDGE-MIB::dot1qVlanStaticUntaggedPorts.99 = Hex-STRING: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 I have tried netsnmp 5.4.1 and 5.7.2. Is there something I'm doing wrong?

Read the article

Debian: Should I add vlan interface into bridge for KVM?

- by javano

I am setting up a Debian Squeeze box as a KVM host. I want to add multiple interfaces to each KVM guest so I want them to be on different VLANs. After reading about this, I believe the best method is to add multiple logical VLAN (sub)-interfaces to the physical NICs and then create a bridge adapter for each VLAN interace, and assign each bridge as a NIC for KVM guests. Does this make good sense, or madness? Do I have to use bridged interfaces with KVM like this? Can't I just add eth1.xx and eth1.yy to my interfaces config below and then configure those directly as bridged KVM guest NICs? If so, how should this look in the interfaces config file below? user@host:~$ cat /etc/network/interfaces # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # Management Interface auto eth0 iface eth0 inet static address 172.22.0.31 netmask 255.255.255.0 gateway 172.22.0.1 # Interface for guest VMs auto eth1 # Guest1 : Use VLAN 117 auto eth1.117 iface eth1.117 inet manual # Set up br1 for guest 1, bridging with vlan 117 auto br1.117 iface br1.117 inet manual bridge_ports eth1.117 bridge_stp off user@host:~$ uname -a Linux hostname 3.4.9 #1 SMP Wed Aug 22 19:08:46 BST 2012 x86_64 GNU/Linux UPDATE I would really like it if someone could clarify the config for me, as I have also seen the above configured with this syntax, so I don't see why one would be preferred over the other; # Interface for guest VMs auto eth1 allow-hotplug eth1 iface eth1 inet static # Vlan 117 for guest 1 auto vlan 117 iface vlan111 inet static vlan_raw_device eth1 # Guest 1 : NIC 1 auto br1.117 iface br1.117 inet manual bridge_ports vlan117 bridge_stp off

Read the article

Inter-vlan routing issues

- by DKNUCKLES

I've been brought in to help administer a network and I've run into an issue - I'm not sure why this one is beyond me, however I figure an extra set of eyes on the problem may help resolve the issue. I have an HP MSM720 controller and at the time I'm trying to set up a basic hotspot set up with access points. For the time being I'm just looking to have people authenticate with a PSK and access the internet and other resources (namely printers) on other vlans. The user authenticates and the DHCP server on the controller gives them a 192.168.1.0/24 address. They are able to successfully browse the internet and ping machines on other networks, however they are unable to print to network printers that sit on the same LANs as the very computers that wireless clients can ping. The (extremely simplified) topology is as follows Computers on the wireless 192.168.1.1 network are able to ping computers on the 192.168.0.0 network, however cannot ping or print to the printers on the same network. I'm baffled and I have no idea why this is the case. Can anyone shed some light on this for me? Can someone spot the error of my configuration? EDIT : It should be noted that for whatever reason other computers on the 10.0.100.0/24 network cannot even ping the gateway of the Wireless Access network (192.168.1.1) - I'm not sure if this is relevant. These are the VLANS listed on the controller.

Read the article

Cant route VLAN over VPN between Cisco ASA 5505 and Cisco 870

- by user60984

We've had an existing VPN between a 5505 and 870 for some time. We've just added VLANs to the network on the 5505 side. We can't seem to figure out how to get devices on the VLANs to communicate with devices on the 870 network which have no VLANs. We're thinking we might have to use a router of sorts to handle the routing before hitting the ASA. We thought PFsense might work well. We've been banging our heads against this thing for 2 days so any immediate help would be great. We're up against a deadline. Thanks!!!

Read the article

DDWRT VLAN Without internet

- by user148888

Hey i have WRT54G with DD-WRT v24-sp2 firmware. i got this scenario Vlan0 port 2,3,4 172.168.1.1/24 vlan1 Wan port Vlan2 port 1 172.168.2.1/24 i can ping from vlan0 to vlan2 but vlan2 can't ping to vlan0 iptables -I FORWARD -i vlan2 -o vlan1 -j DROP i use this to prevent vlan2 to have internet cuz i don't want to share my internet to vlan2 i just want to share local network betwen vlan1 and vlan2.. any help please :S:S:S

Read the article

Freeradius on Linux with dynamic VLAN assignment via AD

- by choki

I've been trying to configure my freeradius server on Linux to authenticate users from an existing Active Directory (windows server 2003) and i've already done that. Now i need to assign VLANs to those users and i dont know how to :(. The logical procedure should be with an AD attribute but i haven't found which one nor how to read it from the AD to use it on the freeradius server... Can anyone help me with this or tell me where can i find a solution? Thanks in advance

Read the article

Create True VLAN over RAS

- by Bigbohne

Hi, I was wondering if it's possible. I want to create a virtual network over RAS using Windows Server 2003. The Client should be able to connect to the server using L2TP and should get an IP Adress from a private Range (lets say 192.168.1.100 - 192.168.1.200 and a subnetmask of 255.255.255.0). Now each client connected to the server should be able to ping another connected client. e.g. 192.168.1.123 <- 192.168.1.145 via RAS via the server. Is this possible? And ... how ? best regards, andre

Read the article

Ruckus wireless AP and Dell PowerConnect configuration problems

- by DanielJay

We are working on trying to get some Ruckus Access Points to work correctly on our network. Currently our network is as follows: VLAN 10 - Servers VLAN 11 – Computers/DHCP VLAN 12 – Voice VLAN 13 – Guest We use Dell PowerConnect 6248P switches for our switches. Port settings are as follows: ZoneDirector 1100 is plugged into this port. Should be accessing the server VLAN and then allowing all other traffic. interface ethernet 1/g2 classofservice trust ip-dscp description 'Ruckus ZoneDirector 1100' switchport mode general switchport general pvid 10 switchport general allowed vlan add 10 switchport general allowed vlan add 11-13 tagged exit Access point is plugged into this port. The port has to be on VLAN 11 in order to get DHCP. interface ethernet 1/g16 classofservice trust ip-dscp description 'Ruckus - IT' switchport mode general switchport general pvid 11 switchport general allowed vlan add 10-12 switchport general allowed vlan add 13 tagged exit If we tag the traffic from the SSID as VLAN 11 data fails. If we leave the SSID tagged as 1 the data flows correctly. Are there problems with passing tagged traffic to untagged ports? We are looking to see what we can do to get the SSID tagged as 11 instead of 1. Any suggestions?

Read the article

How to configure multiple VLAN's on a lacp link aggregation on openindiana(oi_151a7)?

- by reco

i have 4 links aggregated. $ dladm show-link LINK CLASS MTU STATE BRIDGE OVER igb0 phys 1500 up -- -- igb1 phys 1500 up -- -- igb2 phys 1500 up -- -- igb3 phys 1500 up -- -- aggr0 aggr 1500 up -- igb0 igb1 igb2 igb3 i managed to create one VLAN on the aggr0 link: $ dladm show-vlan LINK VID OVER FLAGS vlan1 9 aggr0 ----- if i try to add more i get the following error: $ dladm create-vlan -v 3 -l aggr0 vlan2 dladm: create operation failed: invalid argument

Read the article

Vlans and subinterfaces

- by Adeodatus

I've inherited a moderate size network that I'm trying to bring some sanity to. Basically, its 8 public class Cs and a slew of private ranges all on one vlan (vlan1, of course). Most of the network is located throughout dark sites. I need to start separating some of the network. I've changed the ports from the main cisco switch (3560) to the cisco router (3825) and the other remote switches to trunking with dot1q encapsulation. I'd like to start moving a few select subnets to different vlans. To get some of the different services provided on our address space (and to separate customers) on to different vlans, do I need to create a subinterface on the router for each vlan and, if so, how do I get the switch port to work on a specific vlan? Keep in mind, these are dark sites and geting console access is difficult if not impossible at the moment. I was planning on creating a subinterface on the router for each vlan then setting the ports with services I want to move to a different vlan to allow only that vlan. Example of vlan3: 3825: interface GigabitEthernet0/1.3 description Vlan-3 encapsulation dot1Q 3 ip address 192.168.0.81 255.255.255.240 the connection between the switch and router: interface GigabitEthernet0/48 description Core-router switchport trunk encapsulation dot1q switchport mode trunk show interfaces gi0/48 switchport Name: Gi0/48 Switchport: Enabled Administrative Mode: trunk Operational Mode: trunk Administrative Trunking Encapsulation: dot1q Operational Trunking Encapsulation: dot1q Negotiation of Trunking: On Access Mode VLAN: 1 (default) Trunking Native Mode VLAN: 1 (default) Administrative Native VLAN tagging: enabled Voice VLAN: none Administrative private-vlan host-association: none Administrative private-vlan mapping: none Administrative private-vlan trunk native VLAN: none Administrative private-vlan trunk Native VLAN tagging: enabled Administrative private-vlan trunk encapsulation: dot1q Administrative private-vlan trunk normal VLANs: none Administrative private-vlan trunk private VLANs: none Operational private-vlan: none Trunking VLANs Enabled: ALL Pruning VLANs Enabled: 2-1001 Capture Mode Disabled Capture VLANs Allowed: ALL Protected: false Unknown unicast blocked: disabled Unknown multicast blocked: disabled Appliance trust: none So, if the boxen hanging off of gi0/18 on the 3560 are on an unmanaged layer2 switch and all within the 192.168.0.82-95 range and are using 192.168.0.81 as their gateway, what is left to do, especially to gi0/18, to get this working on vlan3? Are there any recommendations for a better setup without taking everything offline?

Search Results

Search found 421 results on 17 pages for 'vlan'.

Page 3/17 | < Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >

- by john883

- by singh

- by Kevin

- by MichaelRwat

- by Jimm Chen

- by dunxd

- by Jackthedog

- by baraka

- by raspi

- by thebird

- by Crash893

- by Andras Sebestyen

- by Abhishek Chanda

- by Justin

- by user41679

- by Russell Gallop

- by javano

- by DKNUCKLES

- by user60984

- by user148888

- by choki

- by Bigbohne

- by DanielJay

- by reco

- by Adeodatus

< Previous Page | 1 2 3 4 5 6 7 8 9 10 11 12 | Next Page >