Connect two Catalyst 3950G

Unanswered Question
May 12th, 2008

Hi,

I have two Catalyst that I would like to connect with each other. They just have basic configuration with with just one VLAN. My proposal about how to make them talk with each other so that each vlan sees the other one and viceversa is. See attached txt.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Mon, 05/12/2008 - 00:17

Couple of things

1) You don't need to make the link a trunk link if you only have one vlan (vlan 1) goin across it. Doesn't matter if you do but just to let you know you don't need to.

2) Remove the "switchport protected" config - you definitely do not want this.

3) SW1

interface Vlan1

ip address 192.168.165.10 255.255.255.0

SW2

interface Vlan1

ip address 192.168.167.10 255.255.255.0

You should be using an address on SW2 out of the same subnet range as allocated on SW1 ie.

192.168.165.0/24

Jon

SpeedLottery Mon, 05/12/2008 - 00:57

ok,I will remove the switchport protected command..

The reason of the different ip addresses on SW1 and SW2 is because each Switch manages different system enviroments, Production for sw1 and Test for sw2, so therefore they are on different subnets.

Jon Marshall Mon, 05/12/2008 - 01:01

Okay perhaps i have misunderstod your requirements.

All the machines on both switches are in the same vlan with your configuration as it is but this doesn't sound like what you want.

Do you want all your machines to be in the same vlan ?

Jon

SpeedLottery Mon, 05/12/2008 - 01:12

No, no. What i need is to connect SW2 to Sw1 becouse Sw1 is connected to the internet and so therefore i can get remote assistance from my tech-support. Sw2 and the machines connected to it is now isolated, and i need also to get remote assistance.

Both switches where initialy connected with one router, but the router is now used for something different. so now i just have the switches and they are not connected anymore.

By the way, the ethernet cable to use for these is crossover cable or straight through.

Jon Marshall Mon, 05/12/2008 - 01:21

Use a crossover.

Still not 100% sure what you want. Simply put

1) If you want all machines in same vlan carry on as you were but you will need to give the vlan 1 interface on SW2 an ip address out of the 192.168.65.0/24 subnet.

2) If you want separate vlans then you need to create another vlan on SW2 and allocate test machines into this vlan. You would then need to router between vlan 1 (production) and your new vlan.

Jon

SpeedLottery Mon, 05/12/2008 - 01:31

Ok, I think i get it.

I need separate Vlans. i will create a new vlan on sw2 and put machines into this vlan. and then use vlan1 with ip 192.168.165.0/24 subnet, and give the new vlan the gateway of vlan 1 so that it connects to the other switch, with crossover cable.

Jon Marshall Mon, 05/12/2008 - 02:04

That won't work.

You need to

1) Create new vlan (vlan 2 for arguments sake ) as you say. Make sure vlan is on both switches.

2) Allow that vlan across the trunk link.

3) Create a L3 vlan interface on SW1 for the new vlan eg.

int vlan 2

ip address 192.168.167.1 255.255.255.0

4) Change vlan 1 address on sw1 to 192.168.165.x/24 address.

5) allocate test machines into vlan 2

6) enable "ip routing" on sw1.

Then SW1 will route between vlan 1 and vlan 2.

Jon

SpeedLottery Mon, 05/12/2008 - 03:08

what happens if the cable is not crossover , doesnt the switch make the change?

SpeedLottery Tue, 05/13/2008 - 01:00

Ok, this is what happenned.

Connect a crossover cable each end on both switches.

On Sw2 create a new vlan and move all machines to this new vlan. the default vlan is now on the same subnet as sw1. so i see all the machines connected to sw1. but not the other way, on sw1 i cannot ping machines on sw2.

Jon Marshall Tue, 05/13/2008 - 01:43

Can you post configs of sw1 and sw2 and also explain how the routing to the Internet happens at present ie. do you have a separate router for this.

Jon

SpeedLottery Tue, 05/13/2008 - 03:09

There is also a firewall in routed mode, which has the 192.168.165.1 ip for the internal-lan. the firewall routes the lan to the internet through an outside-interface

Attachment: 

Actions

This Discussion