Configure VLAN

Unanswered Question
Sep 19th, 2007

Our consultant had created a VLAN for us. On one of 3500 switch, I have these command lines:

interface FastEthernet0/19

switchport access vlan 300

spanning-tree portfast

That works fine. However, I did the same commands on otehr 3500 swicth, that doesn't work. I can't receive IP from the DHCP. Why?

The configuration can be found thsi link:

http://www.howtocisco.com/cisco/samples/3500switch.htm

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Edison Ortiz Wed, 09/19/2007 - 14:57

What you are missing from there (not sure if you've done it already) is configuring the layer2 Vlan.

Can you please post the output from

show vlan

Also, where is the DHCP server located. On Vlan 300 ?

I see this switch has trunk ports, can you post the output from

show int trunk

Thanks

chicagotech Thu, 09/20/2007 - 08:46

1. show vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4,

Fa0/5, Fa0/6, Fa0/7, Fa0/8,

Fa0/9, Fa0/10, Fa0/11, Fa0/14,

Fa0/15, Fa0/16, Fa0/17, Fa0/18,

Fa0/19, Fa0/20, Fa0/21, Fa0/22,

Fa0/23, Fa0/24, Fa0/25, Fa0/26,

Fa0/27, Fa0/28, Fa0/29, Fa0/30,

Fa0/31, Fa0/32, Fa0/33, Fa0/34,

Fa0/35, Fa0/36, Fa0/37, Fa0/38,

Fa0/39, Fa0/40, Fa0/41, Fa0/42,

Fa0/43, Fa0/44, Fa0/45, Fa0/46,

Fa0/47

300 VLAN0300 active Fa0/12, Fa0/13

1002 fddi-default active

1003 token-ring-default active

1004 fddinet-default active

1005 trnet-default active

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0

300 enet 100300 1500 - - - - - 0 0

1002 fddi 101002 1500 - - - - - 0 0

1003 tr 101003 1500 - - - - - 0 0

1004 fdnet 101004 1500 - - - ieee - 0 0

1005 trnet 101005 1500 - - - ibm - 0 0

2. show int trunk

^

% Invalid input detected at '^' marker.

3. The DHCP is located in our PIX 515Ewhich is 10.0.0.2.

Thank you.

Edison Ortiz Thu, 09/20/2007 - 12:52

PIX is on Vlan1 and the hosts are on Vlan300. You need a Layer3 switch for this task. The 3500 is Layer2 only. Can we see a 'show version' to make sure we are dealing with the right product ?

For Layer3, you need a 3550 or 3560/3750.

With a Layer3 switch, then you can configure the ip helper command under SVI 300 pointing to 10.0.0.2

chicagotech Thu, 09/20/2007 - 13:42

You may be right. That one doesn't work is 3548XL and that one works is 3560. Can I make 3548 to use vlan?

chicagotech Thu, 09/20/2007 - 13:45

Here are shh version

Cisco Internetwork Operating System Software

IOS (tm) C3500XL Software (C3500XL-C3H2S-M), Version 12.0(5)WC3b, RELEASE SOFTWA

RE (fc1)

Copyright (c) 1986-2002 by cisco Systems, Inc.

Compiled Fri 15-Feb-02 10:51 by antonino

Image text-base: 0x00003000, data-base: 0x00337600

ROM: Bootstrap program is C3500XL boot loader

gurd_3548_1 uptime is 20 minutes

System returned to ROM by reload

System image file is "flash:c3500XL-c3h2s-mz.120-5.WC3b.bin"

cisco WS-C3548-XL (PowerPC403) processor (revision 0x01) with 16384K/1024K bytes

of memory.

Processor board ID FAA0445W1CK, with hardware revision 0x00

Last reset from warm-reset

Processor is running Enterprise Edition Software

Cluster command switch capable

Cluster member switch capable

48 FastEthernet/IEEE 802.3 interface(s)

2 Gigabit Ethernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.

Base ethernet MAC Address: 00:04:4D:13:10:C0

Motherboard assembly number: 73-3903-11

Power supply part number: 34-0971-01

Motherboard serial number: FAA04449AQ1

Power supply serial number: PAC04340935

Model revision number: R0

Motherboard revision number: B0

Model number: WS-C3548-XL-EN

System serial number: FAA0445W1CK

Configuration register is 0xF

gurd_3548_1#

chicagotech Thu, 09/20/2007 - 15:47

Sorry, I am not Cisco engineer. What are the commands for both switch?

jcoke@afsimage.com Thu, 09/20/2007 - 15:55

Couple things here:

1) If the DHCP server is living on the PIX it will not ACK relayed DHCP requests (i.e. from ip-helper) This leads to my next point..

2) PIX has been doing trunking for some time so you could create a logical interface for VLAN300 and create another DHCP scope. However, getting the natting and access control working properly will be a PITA unless you're using 7.X (same-security-traffic permit inter-interface FTW).

3) Consider moving DHCP to the 3560, its a bit more flexible and you can back up the database (very important in scopes that are close to full).

4) Trunk those switches. VTP or no VTP is up to you just make sure the VLANs get created somehow. Mind your native vlans.

5) The 3500 *will* do ip helper-address for hosts so long as the vlan interface that "sees" the requests has an ip on it and the switch has ip default-gateway config'd.

Actions

This Discussion