cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1103
Views
5
Helpful
26
Replies

Basic questions to get my switch to operate

laujtxoov
Level 1
Level 1

I inherited the job of manageing a Cisco Catalyst 2900 Series XL switch. Here is what I wanted to do. We have 15 computers. Of the 15 computers, one is the domain server. I want to get all 15 computers to be able to access the Internet through the switch but using only one public IP which is through the domain server. The other 14 computers will have a private IP address.

1. Does it matter which port I plug the ethernet cable that goes out to the Internet to?

2. How do I configure the port that connects to the Internet to allow all computers to access the Internet?

3. Do I have to configure all 15 ports individually so that it is able to access the Internet? If so, how?

Many thanks in advance.

1 Accepted Solution

Accepted Solutions

Ok.... I am assuming that you are NOT using VLAN 100 for anything? If so, go back into config mode and paste this in:

interface FastEthernet0/1

duplex full

speed 100

no switchport access vlan 100

!

interface FastEthernet0/2

no switchport access vlan 100

!

interface FastEthernet0/3

no switchport access vlan 100

!

interface FastEthernet0/4

no switchport access vlan 100

!

interface FastEthernet0/5

no switchport access vlan 100

!

interface FastEthernet0/6

no switchport access vlan 100

!

interface FastEthernet0/7

no switchport access vlan 100

!

interface FastEthernet0/8

no switchport access vlan 100

!

interface FastEthernet0/9

no switchport access vlan 100

!

interface FastEthernet0/10

no switchport access vlan 100

!

interface FastEthernet0/11

no switchport access vlan 100

!

interface FastEthernet0/12

no switchport access vlan 100

!

interface FastEthernet0/13

no switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/14

no switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/15

no switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/16

no switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/17

spanning-tree portfast

!

interface FastEthernet0/18

spanning-tree portfast

!

interface FastEthernet0/19

spanning-tree portfast

!

interface FastEthernet0/20

spanning-tree portfast

!

interface FastEthernet0/21

spanning-tree portfast

!

interface FastEthernet0/22

spanning-tree portfast

!

interface FastEthernet0/23

no switchport trunk encapsulation dot1q

no switchport mode multi

spanning-tree portfast

!

interface FastEthernet0/24

spanning-tree portfast

Also, add the ip default-gateway statement, using the next-hop address.

Then try to get access to the internet. You can plug the ethernet cable to the internet in any port - they're all configured the same now.

If it works, save the config.

HTH,

Paul

View solution in original post

26 Replies 26

pstebner1
Level 1
Level 1

Hi-

You don't need to do anything to your switch. The 2900 is a layer 2 switch meaning that IP addresses don't mean anything to it - it only cares about MAC addresses which don't effect you in this situation.

I'm not sure as to your topology - a diagram would be helpful (i.e. what is your domain server connected to? Is there a firewall in the picture? A router?)

Long story short, the switch doesn't need to be configured at all. As for the rest of your network...

HTH,

Paul

Thanks for the response. Our network topology as I understand it is quite simple. In this room we have a switch, the one I'm asking for help. There are 15 computers connected to this switch. From this switch, it goes out to another switch in the building and from this building switch it goes out to the head quarter domain controler and from there I don't know. As far as my concern goes, I only have to manage the switch in our room.

So here's what I did. I plug in the ethernet cable coming from the switch in the building into one of the available ports in our room switch but none of the computers can access the Internet. So then I think there must be something in the switch that I need to allow so all the computers connecting to our switch can see access the Internet. But I don't know how to go about trouble shooting that or configuring that.

Hi-

It is doubtful that the switch is actually blocking anything. That would require port security and I doubt that that's the culprit here.

Do you know if this company is using DHCP? Do the pcs have addresses? Can they ping each other? Can they ping the PDC? Does the PDC have internet access?

These are all things that need to be checked.

HTH,

Paul

p.s., post the switch config just in case...

Here's the situation. All the 14 computers recieved their IP address from our personal domain controller, not from the head quarter DC. When the ethernet cable is plugged into, say port 18, none of the computers can access the Intenert; however, all computers can ping each other and the whole works except Internet access. Okay, so since it does not work, I put in another NIC into our DC and hook the ethernet cable to that second NIC and configure a Routing and Remote Access on our DC server. This temporary solution allows all our computers to access the Internet. But now, what I wanted to do is instead of the ethernet cable goes to the second NIC of the DC server, it goes into the switch. Currently our DC server receives a static IP from the headquarter DC server.

Ok.... You say that they can ping each other and "the whole works" -does this mean that they can ping the DC in the other building or not?

I need to see your switch config. Can you post?

Yes, right now all the computers, through the Routing and Remote Access, all the computers can ping each other as well as any computer on other network. But again, I don't want to use the Routing and Remote Access anymore. If I unplug the ethernet cable from the second NIC in our DC server and plug it in port 18, nothing would work. The only thing would work is all the 14 clients plus the DC server would be able to communicate with each other but cannot ping any computer out of the switch or other network.

How do I print out the switch config?

Do you know how to connect to the console port of the switch? Here is a link to a guide on how to initially config a 2900 series switch:

http://www.cisco.com/en/US/products/hw/switches/ps606/products_configuration_guide_chapter09186a008007f1a5.html#xtocid104504

If you do not have the password you will have to do password recovery:

http://www.cisco.com/en/US/products/hw/switches/ps628/products_password_recovery09186a0080094184.shtml

HTH,

Paul

You may need to configure the default ip gateway on the switch. From config mode the command is " ip default-gateway X.X.X.X " where X is the next hop router

I know how to get in and I do have the password. You said you like to see the configuration...and I just needed to do that so I can post the configuration page here.

Hi-

Go to enable mode and do a 'sh run' - copy the text (You can capture it if you're using HyperTerm) and post it here.

Btw, the previous poster was correct - you may simply need to put in a default gateway.

Paul

Okay, here's the configuration page. Keep in my mind that I have not plug in the ethernet cable that goes out to the Internet in any of the port in the switch. The ethernet cable is still connected in the second NIC of the DC server that runs the routing and remote access service.

sh run

Building configuration...

Current configuration:

!

version 12.0

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname myRoomSwitch

!

enable secret 5 $1$3gd1$FJEVk0KfNQV

!

!

!

!

!

!

ip subnet-zero

!

!

!

interface FastEthernet0/1

duplex half

speed 10

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/2

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/3

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/4

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/5

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/6

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/7

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/8

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/9

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/10

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/11

duplex full

speed 100

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/12

switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/13

duplex full

speed 100

switchport access vlan 100

!

interface FastEthernet0/14

switchport access vlan 100

!

interface FastEthernet0/15

switchport access vlan 100

!

interface FastEthernet0/16

duplex full

speed 100

switchport access vlan 100

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

duplex full

speed 100

switchport trunk encapsulation dot1q

switchport mode multi

!

interface FastEthernet0/24

!

interface VLAN1

no ip directed-broadcast

no ip route-cache

!

!

line con 0

password myPassword

login

transport input none

stopbits 1

line vty 0 4

password myPassword

login

line vty 5 15

password myPassword

login

!

end

Questions are, what port I should connect the ethernet cable that goes out to the Internet to? What are my next steps to get the switch to allow all computers to access the Internet once I plugged in the Internet ethernet cable to the switch's port?

Yes, I will consider the previous poster's suggestion too.

Ok.... I am assuming that you are NOT using VLAN 100 for anything? If so, go back into config mode and paste this in:

interface FastEthernet0/1

duplex full

speed 100

no switchport access vlan 100

!

interface FastEthernet0/2

no switchport access vlan 100

!

interface FastEthernet0/3

no switchport access vlan 100

!

interface FastEthernet0/4

no switchport access vlan 100

!

interface FastEthernet0/5

no switchport access vlan 100

!

interface FastEthernet0/6

no switchport access vlan 100

!

interface FastEthernet0/7

no switchport access vlan 100

!

interface FastEthernet0/8

no switchport access vlan 100

!

interface FastEthernet0/9

no switchport access vlan 100

!

interface FastEthernet0/10

no switchport access vlan 100

!

interface FastEthernet0/11

no switchport access vlan 100

!

interface FastEthernet0/12

no switchport access vlan 100

!

interface FastEthernet0/13

no switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/14

no switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/15

no switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/16

no switchport access vlan 100

spanning-tree portfast

!

interface FastEthernet0/17

spanning-tree portfast

!

interface FastEthernet0/18

spanning-tree portfast

!

interface FastEthernet0/19

spanning-tree portfast

!

interface FastEthernet0/20

spanning-tree portfast

!

interface FastEthernet0/21

spanning-tree portfast

!

interface FastEthernet0/22

spanning-tree portfast

!

interface FastEthernet0/23

no switchport trunk encapsulation dot1q

no switchport mode multi

spanning-tree portfast

!

interface FastEthernet0/24

spanning-tree portfast

Also, add the ip default-gateway statement, using the next-hop address.

Then try to get access to the internet. You can plug the ethernet cable to the internet in any port - they're all configured the same now.

If it works, save the config.

HTH,

Paul

Okay, before I pasted this in and test the switch, should I disabled the Routing and Remote Access service and plug in the Internet ethernet cable to the switch port?

Yes. Go ahead and do that.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: