Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

3750X simple VLAN config

Hi guys,

I'm a little confused why my config doesn't work. Basically it's quite a simple setup.

I have a small network consisting of a 3750X with about 10clients. The clients are some PCs and some VoIP clients.

I want to separate the VoIP-clients from the PC-clients via VLANs. So, vlan999 is for the VoIP-clients, VLAN 1000 is for the data.

Further I want to have 1 admin machine that can administrate clients in both vlans. The admin machine is connected on Port 1/0/9. Now, if I want to access the switch from the admin machine, I can't get a connection. Ping is not working if the admin machine is set to a trunk with vlan 1000 and 999.

If a client is purely in vlan 999, I can ping the switch.

The admin client has the IP 192.168.0.102

Please have a look at my config because currently I'm lost. I deleted some line in the config below, but those interfaces have not been configured at all.

 


Building configuration...

Current configuration : 4420 bytes
!
version 12.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname nucleus
!
boot-start-marker
boot-end-marker
!
enable secret 5
!
username
!
!
aaa new-model
!
!
!
!
aaa session-id common
switch 1 provision ws-c3750x-48p
system mtu routing 1500
!
!
!
!
crypto pki trustpoint TP-self-signed-2460691072
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-2460691072
 revocation-check none
 rsakeypair TP-self-signed-2460691072
!
!
crypto pki certificate chain TP-self-signed-2460691072
 certificate self-signed 01
 
  quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
vlan internal allocation policy ascending
!
!
!
interface FastEthernet0
 no ip address
 shutdown
!
!
interface GigabitEthernet1/0/9
 description admin port
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 999,1000
 switchport mode trunk
!
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan999
 description management
 ip address 192.168.0.2 255.255.255.0
!
interface Vlan1000
 description data
!
ip default-gateway 192.168.0.1

 

ip classless
ip http server
ip http secure-server
!
!
!
line con 0
line vty 0 4
 transport input ssh
line vty 5 15
!
end

nucleus#

 

7 REPLIES

What type of machine is the

What type of machine is the admin machine?

As you are connecting it to a Trunk port, the Network card in the machine needs to be capable of tagging 802.1q frames otherwise the switch will just tag every packet it receives with the native vlan ID which in this case would be Vlan1.

VIP Super Bronze

Hi,You need to change

Hi,

You need to change interface GigabitEthernet1/0/9 to be an access port with only one vlan (999) You PC's NIC is not trunkd by default,  Once your are in the switch you can than manage both vlans.

HTH

Community Member

ok, indeed my admin machine

ok, indeed my admin machine is just a simple pc that does not support a trunk on the nic side....well I could have thought about that by myself :-)

nevertheless, isn't there a way that I can reach all clients in vlan 1000 AND 999 from my admin-pc?

Sorry, I'm a little dizzy today....

Looking at the config above,

Looking at the config above, the answer is No because there is no Layer 3 address for the 1000 Vlan, unless you just removed this for posting purposes.

You have a default gateway but Vlan1000 doesn't so there is no routing taking place between them currently.

Community Member

ok, so what are you saying.

ok, so what are you saying. vlan 1000 needs a completely new ip range and I have to add routing between 999 and 1000?

for 999 I have 192.168.0.x, so for vlan 1000 I can not be in the same range. Can you maybe post an example?

Community Member

hey guys,no one willing to

hey guys,

no one willing to provide an example....would be very appreciated

thx in advance

VIP Purple

When you connect a PC

When you connect a PC directly to the switch, then you should configure the port as an access-port:

 

interface Gig 1/0/9
  switchport mode access
  switchport access clan 1000

 

If you want that the vlans can communicate with each other, then you also have to enable ip routing:

 

ip routing

 

96
Views
0
Helpful
7
Replies
CreatePlease to create content