cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
457
Views
4
Helpful
6
Replies

Global vlan for external devices

Zanne001
Level 1
Level 1

Hello! I am trying to vlan a 3548 switch so that I can put all my public-facing devices (isp router, firewall and ASA) on this switch. I cannot get the isp device to come up on the switch. I have disabled portfast, set duplex settings to 100 full, and tried both a cross-over and straight-thru to get a link light on the switch. The port is configured like this....

interface FastEthernet0/2

description Client ISP

duplex full

speed 100

switchport access vlan 20

I can't get a link light for anything. Any insight would be welcome.

Thanks!

6 Replies 6

Jon Marshall
Hall of Fame
Hall of Fame

Suzanne

If it is router then you need a straight-thru.

Have you tried all combinations of speed/duplex ?

Have you tried a different port on your switch, one that you know works ?

Are you sure that the ISP router interface has not been administratively shutdown ?

Jon

Jon,

Thanks for the response, I have tried a different port in that vlan I created (none of the 3 work) and every premutation of duplex setting. no link light at all. I have the site currently connectied directly into the firewall, and that works (and that interface is set to auto as well). The only way I can connect to the site is to keep the cable in the firewall, which is not acceptable with the addition of the ASA.

Thanks,

Suzanne

Hello Suzanne,

the ISP router can have some security mechanism like port security if it sees more then one MAC address it shuts down the port.

if so you need to put you external devices in a DMZ interface on the ASA firewall anf have ASA outside interface to connect to the ISP.

In this way only ASA outside interface MAC address is seen by the ISP router.

You can use the same switch but you need to connect it to a free interface on ASA.

Hope to help

Giuseppe

Giuseppe,

I don't think that's it as I was able to work around the issue by installing a dumb hub, and the line protocol came right up. The problem is stictly with the line protocol I think.

Thanks,

Suzanne

Hello Suzanne,

are you using the hub in place of the switch ?

Nice to hear you solved

Best Regards

Giuseppe

Giuseppe,

Yes, the hub is in line with all the public facing devices, and the switch is just the local lan. This is for a remote site (UK) so the design is far from optimal. Thanks for your responses and ideas!

Thanks,

Suzanne

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: