Solved: Catalyst 3500 Series XL - VLANs with Internet Access

glenhawkcisco · ‎11-27-2010

I am hoping that I am posting this in the correct section. I am ok with configuring basic routers but I have never worked with anything like the Catalyst 3500 XL before.

I am setting up my own small business from home and I have the need for at least two separate networks but each needs internet access.

I have been running with a D-Link DIR-655 Wifi Router but that only gives me one network.

I have in my possession a cisco catalyst 3548 and I was hoping to create some VLANs so that I have some isolated networks.

There are currently three questions that I have and what I have learned so far is outlined below:-

Can I achieve separate networks (VLANs) each with internet access using a D-Link DIR-655 Router and a Cisco 3548? (if you do not think it is possible with this hardware please let me know)
Why does the switch need an IP address and the gateway address? Does this have something to do with creating subnets on the VLANs? Do the VLANs use the switch IP as a gateway?
Is a Multi-VLAN port the correct way to give internet access to all VLANs?

The switch had been defaulted and so via a console cable I assigned the switch an IP and entered the subnet mask and gateway. I then proceeded to use the widows software “Cisco Network Assistant” to create the VLANs.

I started with 3 VLANs; 1-16, 17-32 and 33-48. Each behaved as a separate switch. I could connect the Router and a PC to any given VLAN and I would get internet access. If I had the router connected to one VLAN and the PC to another I would not get internet access; it made sense.

I was then confused as to how I could give each VLAN access to the internet but not access to each other. I have spent the last 18hrs trying to learn about STP and VTP and all sorts of other key words that I found in the help files and configuration settings. So far the closest I have come is to create a Multi-VLAN port to connect the router to.

The Multi-VLAN port allows each VLAN access to the router and therefore the internet but this essentially puts me back where I started with ONE network because I haven't figured out how to give the VLANs different subnets.

So this is where I am currently stuck. Any help will be much appreciated,

Thanks,

Glen

ngthen · ‎11-27-2010

Glen,

The Catalyst 3500 is simply a layer 2 switch meaning it does not have any routing capabilities on it. The D-Link router that you have does not handle multiple subnets like what you are wanting (at least from what I am seeing). You will need a router that has the capability of multiple subnets using either separate interfaces or sub-interfaces that can work with the 802.1q vlan trunking protocol. Now, if you look into a bit more powerful switch such as the Cisco 3550 (you can get them used for around $300 or so), you can run routing on the switch directly as it has layer 3 support. Here you can set up the subnets/vlans on the switch directly and set your default route back to the D-Link router. I personally would recommend a layer 3 switch instead of a router with sub interfaces (also known as router on a stick) as it is easier to configure and less equipment to worry about.

Hope this helps....

View solution in original post

ngthen · ‎11-27-2010

Glen,

The Catalyst 3500 is simply a layer 2 switch meaning it does not have any routing capabilities on it. The D-Link router that you have does not handle multiple subnets like what you are wanting (at least from what I am seeing). You will need a router that has the capability of multiple subnets using either separate interfaces or sub-interfaces that can work with the 802.1q vlan trunking protocol. Now, if you look into a bit more powerful switch such as the Cisco 3550 (you can get them used for around $300 or so), you can run routing on the switch directly as it has layer 3 support. Here you can set up the subnets/vlans on the switch directly and set your default route back to the D-Link router. I personally would recommend a layer 3 switch instead of a router with sub interfaces (also known as router on a stick) as it is easier to configure and less equipment to worry about.

Hope this helps....

glenhawkcisco · ‎11-27-2010

Thanks heaps. I had a feeling that the switch I had wasn't what I needed. I appreciate the confirmation.

I can now stop wasting my time trying to figure out how to do something that I cannot physically do

glenhawkcisco · ‎11-27-2010

Just had another thought, while I could pick up a 3550 for about $300... I can pick up a 26XX for $40-$60.

The 26XX are routers, if I used one of them with the 3548 I already own would I be able to achive seperate VLANs with internet access?

cadet alain · ‎11-28-2010

Hi,

Yes it would.

you will have to do router on a stick as you were told about in a previous reply. to give just a short answer, do 802.1q trunking between your switch and your router where you'll have to configure logical subinterfaces (one for each vlan).

here's an example:

suppose on your switch you have vlan 2 and vlan 3 in 192.168.2.0/24 and 192.168.3.0/24

then 1) on your switch port connecting to router

-remove multi vlan config because it's not compatible with trunking

-issue following commands:

switchport trunk encapsulation dot1q

switchport mode trunk

2) on your router port

int f0/1

no ip address

no shutdown

int f0/1/2 dot1q 2

ip add 192.168.2.254 255.255.255.0

int f0/1/3 dot1q 3

ip add 192.168.3.254 255.255.255.0

hosts in vlan2 must have their default gw as 192.168.2.254 and in vlan3 192.168.3.254

Regards.

Don't forget to rate helpful posts.