Will This Configuration Work? VLAN Trunking With Etherswitch HWIC

Unanswered Question

Unfortunately, I'm not in a position where I can configure and test because I don't have a test environment. So I have to get as much right as possible so that the router is plug and play.


Here's what I have to work with:

  • Cisco 2821 router
  • 2 imbedded GigabitEthernet ports (G0/0-G0/1)
  • 4 port Etherswitch HWIC (fa0/0/0-fa0/0/3)


Here's what I need to do:

  • Replace old layer 3 switch managed by ISP
  • Connect switch trunk port on 2821 to ISP router
  • Connect VLAN 360 to LAN switch
  • Connect VLAN 560 to Sonicwall

   

If I am correct, the imbedded GE ports aren't needed as they aren't vlan capable and I can do what I need to do with just the Etherswitch module.  Here's my config so far:


vlan database
vlan 1
vlan 360
vlan 560


!--default LAN

int vlan 1

description OPS_LAN
ip address 172.89.49.2 255.255.255.0


int vlan 360
description MPLS_WAN
ip address 192.168.1.2
!--insert voice qos policy here


!--Trunk port out to ISP router
int fa0/0/0
switchport trunk encapsulation dot1q
switchport mode trunk
switchport access vlan 360, 560


!--This is the public Internet to the Sonicwall device
int fa0/0/1
description TO_FIREWALL_UNTRUSTED
no shutdown
switchport access vlan 560


!--This is trusted MPLS_WAN traffic to our LAN
int fa0/0/2
description TO_LAN
no shutdow


!--Lets assume all my routes are correct

ip route 0.0.0.0 0.0.0.0 <sonicwall ip address>

.

.

.

!--End routing


I don't manage either the LAN switch or the Sonicwall.  The Sonicwall is managed by a 3rd party, but I'll assume that the configuration can stay the same.  The Dell switch I assume is an unmanaged "dumb" switch so nothing needs to be done on that end.  Does this look okay?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Giuseppe Larosa Sun, 04/18/2010 - 09:34
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Frank,

when you configure an SVI you need also a no shut to enable it


int vlan 360

no shut

int vlan 560

no shut


and so on


the rest of configuration looks like correct if the HWIC can be configured in router mode, from router CLI I mean.

(some of these etherswitch modules have their own configuration environment and are derived from C3560)


For the routing you may need additional static routes to describe networks that are reachable over the internet link.


Edit:

checked ios configuration guide your template is fine for HWIC4E


http://www.cisco.com/en/US/docs/ios/lanswitch/configuration/guide/lsw_hwic_ethsw_ic_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1027188




Hope to help

Giuseppe

Here's the completed config:


vlan database
vlan 1
vlan 360
vlan 560


int vlan 1
description OPS_LAN
ip address 172.87.49.2 255.255.255.0
no shut


int vlan 360
description MPLS_WAN
ip address 192.168.1.2
service-policy output voiceqos
no shut


!--Trunk port out to ISP router
int fa0/0/0
switchport trunk encapsulation dot1q
switchport mode trunk
spanning-tree portfast


!--This is the public Internet to the Sonicwall device
int fa0/0/1
description TO_FIREWALL_UNTRuSTED
no shutdown
switchport access vlan 560


!--This is trusted MPLS_WAN traffic to our LAN
int fa0/0/2
description TO_LAN
no shutdown


The only thing I'm not sure about is how vlan 560 will behave.  It's defined on the ISP router on the other end of the trunk.  Hopefully our router knows to send the outbound ecapsulated traffic to the trunk port.

Actions

This Discussion