dhimancisco Mon, 02/11/2008 - 23:28
User Badges:

Hi,


u can try like this


int vlan x

ip add x.x.x.x x.x.x.x

no shut

!

int vlan x

ip add x.x.x.x x.x.x.x

no shut

!

ip routing

!

router ( routing protocol which u are using)

network x.x.x.x (this portion is totally dependent on the protocol u r using)

!

ip default-gateway x.x.x.x ( if the switch is connected to the router/switch , then the interface through which it is connected,the ip add of the interface will be the ip of the default-gateway)


!

now if u are coing to configure ur vlans in database( in case u are creating subinterfaces in router and creating vlans for those subnetworks).


then follow this


!

#conf t

#vlan X

(vlan)#name XXX

exit

!

#conf t

#vlan X

(vlan)#name XXX

exit

!

vtp domain XXX

vtp mode server/client (as per u)





if u cn tell me in detail...I can help u better.


If it works then rate it pls

Goutam Sanyal Tue, 02/12/2008 - 00:10
User Badges:
  • Silver, 250 points or more

Hi,


According to Cisco:

*******************


Cat3550#show running-config

Building configuration...


Current configuration : 3092 bytes

!

version 12.1

no service single-slot-reload-enable

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Cat3550

!

!

ip subnet-zero


!--- Enable IP routing for interVLAN routing.


ip routing

!!

!

spanning-tree extend system-id

!

!

!

interface FastEthernet0/1

no ip address

!


!--- Output suppressed.


!

interface FastEthernet0/5

description to SERVER_1


!--- Configure the server port to be in the server VLAN, VLAN 3.


switchport access vlan 3


!--- Configure the port to be an access port to prevent trunk negotiation delays.


switchport mode access

no ip address


!--- Configure PortFast for initial Spanning Tree Protocol (STP) delay. Refer to

!--- Using PortFast and Other Commands to Fix Workstation Startup Connectivity Delays

!--- for more information.


spanning-tree portfast

!


!--- Output suppressed.


!

interface FastEthernet0/48

description To Internet_Router


!--- The port that connects to the router converts into a routed (L3) port.


no switchport


!--- Configure the IP address on this port.


ip address 200.1.1.1 255.255.255.252

!

interface GigabitEthernet0/1

description To 2950


!--- Configure IEEE 802.1 (dot1q) trunking, with negotiation, on the L2 switch.

!--- If there is not support for Dynamic Trunking Protocol (DTP) on the far switch,

!--- issue the switchport mode trunk command to force the switch port to trunk mode.

!--- Note: The default trunking mode is dynamic auto. If you establish a trunk link

!--- with the default trunking mode, the trunk does not appear

!--- in the configuration, even though a trunk has been established on

!--- the interface. Use the show interfaces trunk command to verify the

!--- establishment of the trunk.


switchport trunk encapsulation dot1q

no ip address

!

interface GigabitEthernet0/2

description To 2948G

switchport trunk encapsulation dot1q

no ip address

!

interface Vlan1

no ip address

shutdown

!

interface Vlan2

description USER_VLAN


!--- This IP address is the default gateway for users.


ip address 10.1.2.1 255.255.255.0

!

interface Vlan3

description SERVER_VLAN


!--- This IP address is the default gateway for servers.


ip address 10.1.3.1 255.255.255.0

!

interface Vlan10

description MANAGEMENT_VLAN


!--- This IP address is the default gateway for other L2 switches.


ip address 10.1.10.1 255.255.255.0

!

ip classless


!--- This route statement allows the 3550 to send Internet traffic to

!--- the default router which, in this case, is the 7200VXR (Fe 0/0 interface).


ip route 0.0.0.0 0.0.0.0 200.1.1.2

ip http server

!

!

!

line con 0

line vty 5 15

!

end



-----

Note: Since the 3550 has configuration as a VLAN Trunk Protocol (VTP) server, the switch does not display the VTP configuration. This behavior is standard. This switch uses these commands to create a VTP server with the three VLANs that the user defined from global configuration mode:


Cat3550(config)#vtp domain cisco

Cat3550(config)#vtp mode server

Cat3550(config)#vlan 2

Cat3550(config-vlan)#name USER_VLAN

Cat3550(config-vlan)#exit

Cat3550(config)#vlan 3

Cat3550(config-vlan)#name SERVER_VLAN

Cat3550(config-vlan)#exit

Cat3550(config)#vlan 10

Cat3550(config-vlan)#name MANAGEMENT



Thanks

Goutam

[Pls rate if it works]

Source:www.cisco.com



Attachment: 
Johann Frey Wed, 02/13/2008 - 03:38
User Badges:

how can you deny traffic between MANAGEMENT_VLAN (Vlan10) and the other Vlans?

Goutam Sanyal Wed, 02/13/2008 - 04:49
User Badges:
  • Silver, 250 points or more

Hi,


If u r not using inter-vlan routing, then no vlan will communicate to each other.


Also u can define via Vlan-ACL


Thanks

Goutam

Actions

This Discussion