cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
14489
Views
0
Helpful
28
Replies

catalyst 2960G vlan configuration

shafitokhi
Level 1
Level 1

Hi,

I have got a catalyst cisco 2960G series switch and via this switch I want to creat serveral vlans.

I am getting a dhcp IP from a router and I want to setup my own vlan networks.

I plugged in the Ethernet cable that came from the dhcp router to port 16 of the cisco switch and configured the ports 1,2 and 3 for vlan 1, 2 and 3

the dhcp router has given me this IP 192.168.10.158

defautl gateway is : 192.168.10.1

when I plug in a PC to port 1 or 2 of the cisco switch I still receiving the IP from range 192.168.10.* but not from the range that I configured for the vlan 1 or 2.

Below is my startup configuration:

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

switchport access vlan 2

  switchport mode access

!

interface GigabitEthernet0/3

switchport access vlan 3

switchport mode access

!

interface Vlan1

ip dhcp client lease 50 0 0

ip address 192.168.1.1 255.255.255.0

no ip route-cache

!

interface Vlan2

ip address 192.168.2.1 255.255.255.0

no ip route-cache

!

interface Vlan3

ip address 192.168.3.1 255.255.255.0

no ip route-cache

!

ip default-gateway 192.168.10.1

ip http server

----------------

What I want is to get a dhcp IP from vlan based on the subnet that has been specified for subnet. e.g; If I plug in a PC to port 1 (vlan 1) then I expect to get an IP 192.168.1.*   - same case for other vlans.

I'm not sure if I have got the right configuration and really not sure if I have pluged in the Ethernet cable that came from the dhcp router to the right port (16 of the cisco switch) ?

Thanks in advance for your help.

1 Accepted Solution

Accepted Solutions

Latchum Naidu
VIP Alumni
VIP Alumni

Hi Shafi,

To achive what you want you need to do below...

1. You need to specify the required address pools in your DHCP (Router) Server.
2. Specify the "ip helper-address "DHCP server address" under the required VLAN..

interface Vlan2
ip address 192.168.2.1 255.255.255.0
no ip route-cache
ip helper-address "DHCP server IP"

3. Configured the access port to which you are connecting PC on your 2960 to specific VLAN...

int fa2/4
switch-port mode access vlan 2

Please rate the helpfull posts.
Regards,
Naidu.

View solution in original post

28 Replies 28

Latchum Naidu
VIP Alumni
VIP Alumni

Hi Shafi,

To achive what you want you need to do below...

1. You need to specify the required address pools in your DHCP (Router) Server.
2. Specify the "ip helper-address "DHCP server address" under the required VLAN..

interface Vlan2
ip address 192.168.2.1 255.255.255.0
no ip route-cache
ip helper-address "DHCP server IP"

3. Configured the access port to which you are connecting PC on your 2960 to specific VLAN...

int fa2/4
switch-port mode access vlan 2

Please rate the helpfull posts.
Regards,
Naidu.

Thanks,

I followed the points that you have mentioned, now I can get a dhcp IP from the respective vlan, but I can't connect to the internet.

On step 3  I can't use the "fa" command on 2960G switch, I only can use the gigabitEthernet.

Below is how the startup config looks like: (dhcp scop only configured for Vlan 2)

no aaa new-model

system mtu routing 1500

ip subnet-zero

!

ip dhcp pool dpool1

   import all

   network 192.168.2.0 255.255.255.0

   default-router 192.168.2.1

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet0/3

switchport access vlan 3

switchport mode access

i        

interface Vlan1

ip address 192.168.1.1 255.255.255.0

no ip route-cache

!

interface Vlan2

ip address 192.168.2.1 255.255.255.0

ip helper-address 192.168.10.1

ip helper-address 192.168.2.1

no ip route-cache

!

interface Vlan3

ip address 192.168.3.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

!

ip default-gateway 192.168.10.1

ip http server

-----------------------------------------------------

@ Reza Shrifi

Switch#sh ip int bri vlan 2

Interface              IP-Address      OK? Method Status                Protocol

Vlan2                  192.168.2.1     YES NVRAM  up                    down   

Switch#sh ip int bri vlan 3

Interface              IP-Address      OK? Method Status                Protocol

Vlan3                  192.168.3.1     YES NVRAM  up                    down   

Reza Sharifi
Hall of Fame
Hall of Fame

Hi,

Have you configured the DHCP scope for the other subnets (192.168.2.1 255.255.255.0 &192.168.3.1 255.255.255.0?

Are vlans 2 and 3 in up and up mode? try "sh ip int bri vlan 2"

HTH

any one?

Hi,

Create multiple DHCP scope in your DHCP server/router corresponding to each VLAN.

I mean create a scope 192.168.2.0/24 for VLAN2 and 192.168.3.0/24 for VLAN 3 in the same DHCP server.

and put ip helper-address 192.168.10.1 in each interface VLAN configuration.

So whenerver a DHCP packet came from a client it will broadcast to the Corresponding VLAN and it will reach the DHCP server. So a broadcast packet for DHCp address in VLAN to will be destined to the broadcast address 255.255.255.255. So the DHCp server will understand it is asking for the a IP address in the range 192.168.2.0/24. So it will lease IP address corresponding to it.

HTH

Thanks

Vipin

Thanks and Regards, Vipin

Hi,

thanks for the reply,

I have already done that, as an example I have only configured this for the vlan2 but still i'm not able to connect to the internet via vlan 2

interface Vlan2

ip address 192.168.2.1 255.255.255.0

ip helper-address 192.168.10.1

ip helper-address 192.168.2.1

no ip route-cache

I probably need to delete the 2nd ip-helper, I didn't know the command how to delete the extra one.

any idea for the above configuration?

Hi,

You can delete this by

r(config)#int vlan2

r(config-if)# no ip helper-address 192.168.2.1

Are you sure you made different scope for different vlans?

Thanks

Vipin

Thanks and Regards, Vipin

Yes,

I have created seperate dhcp pools for each vlan and define the

ip helper-address 192.168.2.1 for each vlan, now I can get the ip but still can't ping.

same configuration as below goes for each vlan.

ip dhcp pool dpool1

   import all

   network 192.168.2.0 255.255.255.0

   default-router 192.168.2.1

interface Vlan2

ip address 192.168.2.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

ip default-gateway 192.168.10.1

I pluged in the internet cable to one fo the ports which is not configured for any vlans ( not sure if this is the right port?)

but I can't ping the default gateway ( 192.168.10.1)

Do I need to configure the port that the internet cable is pluged in? if yes any hint?

Many thanks.

Hi,

post a diagram of the topology as well as running config of router and switch.

You can't go to internet from the switch or from PCs?

Alain.

Don't forget to rate helpful posts.

Jon Marshall
Hall of Fame
Hall of Fame

edited

  I think a 2960 may be able to route with the newest IOS codes   .Make sure you have ip routing turned on if you do have the latest codes.  You said you plugged the internet into a port that wasnt configured so that means its in a port that is vlan 1 which I believe you already setup for another subnet .  The ip default gateway does nothing , this is used for managing the switch if ip routing is turned off .  I would remove that and see if it will take a default static route , 0.0.0.0 0.0.0.0 192.168.10.1 .  

Glen

I edited my post because i wasn' totally sure about this.

I know with the latest code the 2960S switches can do basic routing.

Do you know if this also applies to the non S 2960 switches, because i can't find a definitive answer on this and don't have one to test with.

Jon

Thanks for the reply,

I'm not sure if I have the lates IOS on my router, I tried to perform dynamic routing, but the 2960G router could not recagnize the command. ( I think Ip routing is not enabled, and I don't have the clue how to make it enable)

When I connect to the vlan 2, I could get the dhcp IP but not able to ping the default gateway/google for instance ( both from router and PC).

below is the result of the route command on my PC:

Kernel IP routing table

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface

default         192.168.2.1        0.0.0.0               UG    0      0        0 eth0

link-local      *                       255.255.0.0         U     1000   0       0 eth0

192.168.2.0     *                   255.255.255.0       U     1      0        0 eth0

The complete startup file:

show startup-config

Using 3175 out of 65536 bytes

!

version 12.2

no service pad

service timestamps debug uptime

service timestamps log uptime

no service password-encryption

!

hostname Switch

!

enable secret 5 $1$E2kH$zZbWhNiIphJNxxA8F3cB81

!

no aaa new-model

system mtu routing 1500

ip subnet-zero

!

ip dhcp pool dpool1

   import all

   network 192.168.2.0 255.255.255.0

   default-router 192.168.2.1

!

ip dhcp pool dpool2

   import all

   network 192.168.3.0 255.255.255.0

   default-router 192.168.3.1

!

ip dhcp pool dpool4

   import all

   network 192.168.4.0 255.255.255.0

   default-router 192.168.4.1

!

ip dhcp pool dpool5

   import all

   network 192.168.5.0 255.255.255.0

   default-router 192.168.5.1

!

ip dhcp pool dpool6

   import all

   network 192.168.6.0 255.255.255.0

   default-router 192.168.6.1

!

ip dhcp pool dpool7

   import all

   network 192.168.7.0 255.255.255.0

   default-router 192.168.7.1

!

ip dhcp pool dpool8

   import all

   network 192.168.8.0 255.255.255.0

   default-router 192.168.8.1

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

switchport access vlan 2

switchport mode access

!

interface GigabitEthernet0/3

switchport access vlan 3

switchport mode access

!        

interface GigabitEthernet0/4

switchport access vlan 4

switchport mode access

!

interface GigabitEthernet0/5

switchport access vlan 5

switchport mode access

!

interface GigabitEthernet0/6

switchport access vlan 6

switchport mode access

!

interface GigabitEthernet0/7

switchport access vlan 7

switchport mode access

!

interface GigabitEthernet0/8

switchport access vlan 8

switchport mode access

!

interface GigabitEthernet0/9

!

interface GigabitEthernet0/10

!

interface GigabitEthernet0/11

!

interface GigabitEthernet0/12

!

interface GigabitEthernet0/13

!

interface GigabitEthernet0/14

!

interface GigabitEthernet0/15

!

interface GigabitEthernet0/16

!

interface GigabitEthernet0/17

!

interface GigabitEthernet0/18

!

interface GigabitEthernet0/19

!

interface GigabitEthernet0/20

!

interface GigabitEthernet0/21

!        

interface GigabitEthernet0/22

!

interface GigabitEthernet0/23

!

interface GigabitEthernet0/24

!

interface Vlan1

no ip address

no ip route-cache

!

interface Vlan2

ip address 192.168.2.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

!

interface Vlan3

ip address 192.168.3.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

!

interface Vlan4

ip address 192.168.4.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

!

interface Vlan5

ip address 192.168.5.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

!

interface Vlan6

ip address 192.168.6.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

!

interface Vlan7

ip address 192.168.7.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

!

interface Vlan8

ip address 192.168.8.1 255.255.255.0

ip helper-address 192.168.10.1

no ip route-cache

!

ip default-gateway 192.168.10.1

ip http server

!

control-plane

!

!

line con 0

line vty 0 4

password nocnoc

login

line vty 5 15

password nocnoc

login

!

end

Router version:

Switch      Ports         Model                        SW Version              SW Image           

------             -----         -----                              ----------                     ----------         

*    1          24            WS-C2960G-24TC-L   12.2(35)SE5       C2960-LANBASE-M

Do I need to upgrade the IOS?

Thanks.

Hi Shafi,

You have a very old IOS. It was from 2007. I would definetly upgrade the IOS to newer version. The latest version is

c2960-lanbasek9-mz.150-1.SE.bin.

Once you upgraded the IOS then iIn the global configuration mode, enter the command

sdm prefer lanbase-routing

Then  save the configuration and reload the switch. After the reload, you  should be able to activate the IP routing and set up static routing  entries

and type ip route 0.0.0.0 0.0.0.0 192.168.10.1

In regards to your question about not able to ping the internet, you nee a public ip address on the device. This device should be connected to a router and that router should have a public ip address. Can you please paste your topology here?

HTH

Regards

Kishore

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco