Our network is currently all a single subnet with two 3550 and one 3524XL switches, as well as an ICS-7750 VoIP system. Our default gateway is a 515 Pix.
I would like to implement VLANs - probably users, voice, a WLAN guest for internet only, and a WWAN. DHCP server is Windows.
From here I know that I'll need a router, but I would like advice as to which. I think I have enough sample documentation to get it from there, however if what I have planned isn't possible I would like advice on a revised plan.
What software version are you running on the 3550 ?? Is it EMI or SMI ?? If it is EMI, the 3550 can support the Intervlan routing. You do not need an external router for this. Incase, it is SMI, & if you have an IOS more than 12.1(11) EA1, you can run Intervlan routing. Its always good to have a Layer 3 switch which does the L3 routing between VLANs, since you can have more control of the traffic flowing through it. You can also implement stuffs like HSRP on these core switches and give a higly available design.. Have a look at this doc, which can help you in Inter-vlan routing:
You can implement VLANs on the core and configure it as a VTP server. The edge switches can be configured as clients or transparent mode.
You can implement different kinds of VLANs. I guess u have all the config docs on CCO. For WLAN guests, you can manually configure the Guest VLAN on the interface or use some kinda ACS authentication server for automatic allocation of VLAN through DOT1X protocol. So, your case it would be straight forward for the other VLANs --- go to the vlan database, add the VLAN, assign the VLAN on the interface, define Layer 3 VLAN interface if required and finish it off. For more security, u can configure VLAN ACL's on the Layer 3 interface to restrict traffic between VLANs.
Hope this helps. all the best.. rate replies if found useful.
Check you have C3550 setup VTP server with domain name
Check C3524 is setup as client with correct Domain name as C3550
make sure the connection betwen both switches is set as Dot1Q trunk (both ends)
Your Vlans and SVI interfaces should be configured on C3550 with corresponding Ip addresses and are not shutdown
ensure "ip routing" is confgured on C3550 to perform Vlan routing.
If you still get a problem then please share your configs and topology so we can be more specific to help. When posting configs don't forget to remove passwords and change IP addresses in your config info.
Well, I found one problem which was that I didn't set the IP helper-address so the clients couldn't register with DHCP. Now that that is fixed, clients can connect, however there are some additional problems.
-Only VLAN1 can view internet through the Pix. Only VLAN1 can ping pix.
-VTP appears configured properly, but changes aren't replicated to the client switches. Am I misunderstanding this feature?
-VLAN20 often gets assigned IP address from the VLAN1 scope. Devices are still showing as registered in VLAN20, but assigned a 10.36.x.x address.
-Still timing out on pings. VLAN20 usually succeeds with the first couple pings, then times out on the rest with a sporadic success here and there. VLAN44 usually times out on the first few pings, but is successful from there on out.
I have attached my configurations. I feel I must be missing something simple.
Agree with shaheen. you need to set the correct configs for the trunk, VTP, ip routing etc, to make this work.. also provide the correct def gateways for the PC's .. once this is setup right, u can cmmunicate between VLANs without any pakcet drop.. let us know if you need any more help in this.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...