Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

CISCO 6509 VLANS

I have created three vlans

VLAN 100

VLAN 200

VLAN 300

The cisco 3550 are configure with each respective vlan 100, 200, and 300.

As soon as I plug the switch on the fiber module, I notices the switch been added to the proper VLAN. I have execute the command sh vlan 100, and it shows the switches configure for vlan 100. The same thing for vlan 200 and 300.

However, I notices some switches were added to the wrong vlans. Is there a command or configuration that I am doing that is causing this issue?

Thanks

96 REPLIES
Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

What do you mean by "some switches were added to the wrong vlans"?

What is your topology? And what VTP mode are you using on all the switches?

Regards,

jerry

New Member

Re: CISCO 6509 VLANS

Yes, the vlans are configure as this:

VLAN 100 172.31.181.128/26

VLAN 200 172.31.181.192/26

VLAN 300 172.31.13.0/24

Each switch,from the different networks, connect to the core router thru fiber connection.

I have been creating the vlans on the

cisco switches using the script. Follow, I have included a sample configuration for each of the vlan configuration (VLAN 100, 200, and 300)

---------------------------

VLAN 100

---------------------------

ip domain-name lv.psu.edu

ip ssh version 2

!

int range f0/1 - 24

description academic

switchport access vlan 100

switchport mode access

!

interface GigabitEthernet0/1

description Trunk to Cisco6509 router

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

!

interface GigabitEthernet0/2

switchport mode dynamic desirable

!

interface Vlan1

ip address 172.31.181.194 255.255.255.192

no shut

!

interface Vlan100

description Academic

no ip address

no ip route-cache

no shut

--------------------------------

VLAN 200

--------------------------------

ip domain-name lv.psu.edu

ip ssh version 2

!

int range f0/1 - 24

description Administrative

switchport access vlan 200

switchport mode access

!

interface GigabitEthernet0/1

description Trunk to Cisco6509 router

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet0/2

switchport mode dynamic desirable

no shut

!

interface Vlan1

no shut

!

interface Vlan200

description Administrative

ip address 172.31.181.130 255.255.255.192

no shut

ip classless

ip http server

ip http secure-server

--------------------------------

VLAN 300

--------------------------------

ip domain-name lv.psu.edu

ip ssh version 2

!

int range f0/1 - 24

description Wireless

switchport access vlan 300

switchport mode access

no shut

!

interface GigabitEthernet0/1

description Trunk to Cisco6509 router

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

!

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

!

interface Vlan1

ip address 172.31.13.3 255.255.255.0

no shut

!

interface Vlan300

description Academic

no ip address

no ip route-cache

no shut

!

ip classless

But, I'm not sure if it would work better to use vtp at each switch, or after configuring vtp server on cisco 6509, every switch will self join the appropiate vlan.

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

I see that you are using Vlan 1 for management and not going configure IP addresses on interface Vlan100, Vlan200, and Vlan300. If this is the case, there is not need for interface Vlan100, etc on these switches.

So which switch is getting the wrong Vlan? Which command give you that impression, can you post the output of that also? Also, if you would post the output of the following three (3) commands on all the 3550's and the 6500's, it will be great:

show vtp status

show vlan

show int trunk

Regards,

jerry

New Member

Re: CISCO 6509 VLANS

Jerry,

I will be doing this as soon as I get to work this morning.

1) DO you recommend using Manual VLAN script or creating them on each switch VTP Database?

2) As far switch vlan adding themselves to VLANS on CISCO 6509, when running the command sh vlan 100, it shows the vlan number and on the right hand, a list of fiber ports that I'm assumming are switches with pre-configure vlans.

Is this assumption correct?

Thanks

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

It is upto you which method you prefer, as long as they are correct.

From you description of the output, sound like the ports are assigned to the VLAN someone configured before. The only pre-configurated VLAN is really VLAN1 where it cannot be deleted.

HTH,

jerry

New Member

Re: CISCO 6509 VLANS

Jerry,

As you can see, I am including the information you have requested.

One issue we are having with the cisco 6509, the vlan are been set to native vlan 1. However, the switches are configured with 100,200 and 300, respectively.

How can I set on cisco 6509 to put this vlan 100,200 and 300 in the correct native vlan, instead of cisco deciding to pu them on native vlan 1?

Thanks

CISCO 6509 --- Server

Console> (enable) sh vtp domain

Domain Name Domain Index VTP Version Local Mode

Password

-------------------------------- ------------ ----------- ----------- --

--------

lv.psu.edu 1 2 server -

Vlan-count Max-vlan-storage Config Revision Notifications

---------- ---------------- --------------- -------------

8 1023 0 disabled

Last Updater V2 Mode Pruning PruneEligible on Vlans

--------------- -------- -------- -------------------------

0.0.0.0 disabled disabled 2-1000

Console> (enable) sh vtp statistics

VTP statistics:

summary advts received 109

subset advts received 58

request advts received 0

summary advts transmitted 1320

subset advts transmitted 200

request advts transmitted 51

No of config revision errors 0

No of config digest errors 51

VTP pruning statistics:

Trunk Join Transmitted Join Received Summary advts received from GVRP

PDU

non-pruning-capable device

Received

-------- ---------------- ------------- --------------------------- ----

------

3/4 0 0 0 0

3/6 0 0 0 0

4/4 0 0 0 0

15/1 0 0 0 0

16/1 0 0 0 0

Console> (enable)

New Member

Re: CISCO 6509 VLANS

Console> (enable) sh vlan

VLAN Name Status IfIndex Mod/Ports, Vlans

---- -------------------------------- --------- ------- ----------------

--------

1 default active 199 1/1-2

2/1-2

3/1-3

4/2-3,4/5-16

6/1-8,6/10,6/15-

48

7/1-32,7/34-48

100 academic active 205 3/5,3/7-16

200 admin active 204 7/33

300 wireless active 206 4/1

6/9,6/11-14

1002 fddi-default active 200

1003 token-ring-default active 203

1004 fddinet-default active 201

1005 trnet-default active 202

VLAN Type SAID MTU Parent RingNo BrdgNo Stp BrdgMode Trans1

Trans2

---- ----- ---------- ----- ------ ------ ------ ---- -------- ------ --

----

1 enet 100001 1500 - - - - - 0 0

100 enet 100100 1500 - - - - - 0 0

200 enet 100200 1500 - - - - - 0 0

300 enet 100300 1500 - - - - - 0 0

1002 fddi 101002 1500 - - - - - 0 0

1003 trcrf 101003 1500 - - - - - 0 0

1004 fdnet 101004 1500 - - - - - 0 0

1005 trbrf 101005 1500 - - - ibm - 0 0

VLAN MISTP-Inst DynCreated RSPAN

---- ---------- ---------- --------

1 - static disabled

100 - static disabled

200 - static disabled

300 - static disabled

1002 - static disabled

1003 - static disabled

1004 - static disabled

1005 - static disabled

VLAN AREHops STEHops Backup CRF 1q VLAN

---- ------- ------- ---------- -------

1003 7 7 off

Console> (enable)

-------------------------

CISCO 6509- Router

-------------------------

SRVRM-6509-MSFC1#sh run

Building configuration...

Current configuration : 3547 bytes

!

! Last configuration change at 08:52:47 EDT Thu Jul 9 2009

! NVRAM config last updated at 17:08:29 EDT Wed Jul 8 2009

!

version 12.1

service timestamps debug datetime msec localtime

service timestamps log datetime msec localtime

service password-encryption

!

hostname SRVRM-6509-MSFC1

!

boot system bootflash:c6msfc2-psv-mz.121-13.E3.bin

boot bootldr bootflash:c6msfc2-boot-mz.121-13.E3.bin

no logging console

enable secret 5 $1$k3j8$vSFg2vXjmUMrtU/pxlCTX/

enable password 7 08121C430B0B0005424A

!

clock timezone EST -5

clock summer-time EDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00

clock calendar-valid

ip subnet-zero

!

!

!

!

!

!

interface Loopback0

ip address 10.5.12.1 255.255.255.255

!

interface Vlan1

description Management VLAN

ip address 172.31.181.189 255.255.255.192

no ip redirects

standby 1 ip 172.31.181.129

standby 1 priority 120

standby 1 preempt

!

interface Vlan100

description Lab 214 VLAN

ip address 146.186.50.253 255.255.255.0

no ip redirects

standby 1 ip 146.186.50.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan200

description LAB 200 VLAN

ip address 146.186.27.253 255.255.255.0

ip helper-address 146.186.27.3

no ip redirects

standby 1 ip 146.186.27.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan300

description Wireless Lan

ip address 172.31.13.254 255.255.255.0

no ip redirects

standby 1 ip 172.31.13.1

standby 1 priority 120

standby 1 preempt

New Member

Re: CISCO 6509 VLANS

Console> (enable) sh vlan 1

VLAN Name Status IfIndex Mod/Ports, Vlans

---- -------------------------------- --------- ------- ------------------------

1 default active 199 1/1-2

2/1-2

3/1-3

4/2-16

6/1-8,6/10,6/15-48

7/1-32,7/34-48

15/1

16/1

VLAN Type SAID MTU Parent RingNo BrdgNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ ------ ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0

VLAN MISTP-Inst DynCreated RSPAN

---- ---------- ---------- --------

1 - static disabled

Console> (enable) sh trunk

* - indicates vtp domain mismatch

Port Mode Encapsulation Status Native vlan

-------- ----------- ------------- ------------ -----------

3/2 auto n-dot1q trunking 1

3/3 auto dot1q trunking 1

4/3 auto n-dot1q trunking 1

4/4 auto n-dot1q trunking 300

4/6 auto dot1q trunking 200

15/1 nonegotiate isl trunking 1

16/1 nonegotiate isl trunking 1

Port Vlans allowed on trunk

-------- ---------------------------------------------------------------------

3/2 1-1005,1025-4094

3/3 1-1005,1025-4094

4/3 1-1005,1025-4094

4/4 1-1005,1025-4094

4/6 1-1005,1025-4094

15/1 1-1005,1025-4094

16/1 1-1005,1025-4094

Port Vlans allowed and active in management domain

-------- ---------------------------------------------------------------------

Console> (enable) sh trunk

* - indicates vtp domain mismatch

Port Mode Encapsulation Status Native vlan

-------- ----------- ------------- ------------ -----------

3/2 auto n-dot1q trunking 1

3/3 auto dot1q trunking 1

4/3 auto n-dot1q trunking 1

4/4 auto n-dot1q trunking 300

4/6 auto dot1q trunking 200

15/1 nonegotiate isl trunking 1

16/1 nonegotiate isl trunking 1

Port Vlans allowed on trunk

-------- ---------------------------------------------------------------------

3/2 1-1005,1025-4094

3/3 1-1005,1025-4094

4/3 1-1005,1025-4094

4/4 1-1005,1025-4094

4/6 1-1005,1025-4094

15/1 1-1005,1025-4094

16/1 1-1005,1025-4094

Port Vlans allowed and active in management domain

New Member

Re: CISCO 6509 VLANS

-----------------------------------

CISCO 3550

___________________________________

Cisco 3550

-----------------

LV-126B-AD-181-130#sh vtp

% Incomplete command.

LV-126B-AD-181-130#sh vtp st

LV-126B-AD-181-130#sh vtp status

VTP Version : 2

Configuration Revision : 10

Maximum VLANs supported locally : 1005

Number of existing VLANs : 8

VTP Operating Mode : Client

VTP Domain Name : lv.psu.edu

VTP Pruning Mode : Enabled

VTP V2 Mode : Enabled

VTP Traps Generation : Disabled

MD5 digest : 0xD2 0xD9 0xE9 0xBA 0xA1 0x35 0xF7 0xBE

Configuration last modified by 172.31.13.4 at 3-1-93 00:07:39

LV-126B-AD-181-130#sh trunk

^

% Invalid input detected at '^' marker.

LV-126B-AD-181-130#sh vlan

VLAN Name Status Ports

---- -------------------------------- --------- -------------------------------

1 default active Gi0/2

100 academic active

200 administrative active Fa0/1, Fa0/2, Fa0/3, Fa0/4

Fa0/5, Fa0/6, Fa0/7, Fa0/8

Fa0/9, Fa0/10, Fa0/11, Fa0/12

Fa0/13, Fa0/14, Fa0/15, Fa0/16

Fa0/17, Fa0/18, Fa0/19, Fa0/20

Fa0/21, Fa0/22, Fa0/23, Fa0/24

300 wireless active

1002 fddi-default act/unsup

1003 trcrf-default act/unsup

1004 fddinet-default act/unsup

1005 trbrf-default act/unsup

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1 enet 100001 1500 - - - - - 0 0

100 enet 100100 1500 - - - - - 0 0

200 enet 100200 1500 - - - - - 0 0

300 enet 100300 1500 - - - - - 0 0

VLAN Type SAID MTU Parent RingNo BridgeNo Stp BrdgMode Trans1 Trans2

---- ----- ---------- ----- ------ ------ -------- ---- -------- ------ ------

1002 fddi 101002 1500 - - - - - 0 0

1003 trcrf 101003 4472 1005 3276 - - srb 0 0

1004 fdnet 101004 1500 - - - ieee - 0 0

1005 trbrf 101005 4472 - - 15 ibm - 0 0

VLAN AREHops STEHops Backup CRF

---- ------- ------- ----------

1003 0 0 off

Remote SPAN VLANs

------------------------------------------------------------------------------

Primary Secondary Type Ports

------- --------- ----------------- ------------------------------------------

LV-126B-AD-181-130#sh int trunk

Port Mode Encapsulation Status Native vlan

Gi0/1 on 802.1q trunking 200

Port Vlans allowed on trunk

Gi0/1 1-4094

Port Vlans allowed and active in management domain

Gi0/1 1,100,200,300

Port Vlans in spanning tree forwarding state and not pruned

Gi0/1 1,100,200,300

LV-126B-AD-181-130#

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

This is my observation:

1) Your 6500 is running as VTP server, and you've configured SVI for Inter-VLAN routing

2) Your 3550's are running as VTP client and L2

When you have VTP clients and attaching them to the VTP server, VTP server will copy its VLAN database into the clients when the revision number of the server is higher than the clients. (Just a side note, when the client's revision number is higher than the server, it will override the server's VLAN database, be careful with this!!!).

So I am assuming your concern is you don't want, example, VLAN 100 and 300 apprear on your switch - LV-126B-AD-181-130's VLAN database? If this is the case, you have to make all the switches as VTP transparent mode and configure each VLAN manually, and prune them manually. There is another solution, you might want to consider, where you can turn on VTP pruning, just use the command set vtp prun on you VTP server, 6500's CatOS. It will prune the traffic out of the trunk link.

HTH,

jerry

New Member

Re: CISCO 6509 VLANS

Jerry,

How come the vlans are showing, on the server, as native vlan 1.

How can I change this information?

Console> (enable) sh trunk

* - indicates vtp domain mismatch

Port Mode Encapsulation Status Native vlan

-------- ----------- ------------- ------------ -----------

3/2 auto n-dot1q trunking 1

3/3 auto dot1q trunking 1

4/3 auto n-dot1q trunking 1

4/4 auto n-dot1q trunking 300

4/6 auto dot1q trunking 200

15/1 nonegotiate isl trunking 1

16/1 nonegotiate isl trunking 1

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

That is the native VLAN for the trunk port, default is VLAN 1. You can change it by using set trunk x/x 100 where x/x is your port and 100 is your VLAN number. You have to change both side of the trunk to match, otherwise the switches will complain about native VLAN mismatch. You have to be careful when you are changing this, native VLAN mismatch can cause a spanning tree loop.

HTH,

jerry

New Member

Re: CISCO 6509 VLANS

can you send me a simple configuration for configuring the cisco 6509 to allow communication between 3550's and the router.

thanks

Cisco Employee

Re: CISCO 6509 VLANS

HI Pedro,

I don't have any switches with CatOS handy, but the configuration is very similar (with the set command):

C6500

vlan 100

vlan 200

interface FastEthernet3/1

description TO_3550_1

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

interface FastEthernet3/2

description TO_3550_2

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

interface Vlan100

ip address 10.1.100.1 255.255.255.0

interface Vlan200

ip address 10.1.200.1 255.255.255.0

3550_1

interface FastEthernet0/1

description TO_C6500 3/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 100

switchport mode trunk

interface range FastEthernet 0/2 - 24

switchport access vlan 100

switchport mode access

interface Vlan100

description 3550_1 management

ip address 10.1.100.4 255.255.255.0

3550_2

interface FastEthernet0/1

description TO_C6500 3/2

switchport trunk encapsulation dot1q

switchport trunk native vlan 200

switchport mode trunk

interface range FastEthernet 0/2 - 24

switchport access vlan 200

switchport mode access

interface Vlan100

description 3550_2 management

ip address 10.1.200.4 255.255.255.0

HTH,

jerry

New Member

Re: CISCO 6509 VLANS

I think my configuration match to this configuration. We are able to have two switches working with the cisco 6509. Howeve, other switches on difeferent vlans 100 and 200 will not talk to the router.

The switches complaint the vlan mistmatch configuration. Therefore, on the router, the native vlan is set to 1 when it should be set to either 100 or 200 or even 300.

I'm not sure how the router can work fine with two swtiches but not the other switches. It is the same configuration on the rest of the switches.

My thinking is that there is something in the router that will not allow the other switches to work correctly.

Can you explain?

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

You have to fix the native vlan mismatch first. This is can cause spanning tree loop which can lead to a network outage.

I saw your configuration has HSRP configured, do you have a 2nd pair of 6500? Also, Can your 3550's ping the default gateway? If not, make sure you have the following commands if the 3550's will be doing L2 only:

no ip routing

ip default-gateway x.x.x.1

HTH,

jerry

New Member

Re: CISCO 6509 VLANS

Hi Jerry,

no, the switches having issues can not ping their default gateway, or the router can't ping the switches ip address.

I started changing the switches using

vtp transparent

Can I use vtp server, too?

thanks

New Member

Re: CISCO 6509 VLANS

Jerry,

the ip default-gateway is this for the switch management ip address or the host ip address.

thanks

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

The ip default-gateway command is for the switch management.

I don't suggest you to put the 3550's into server mode. You can leave them on client. If you've decided to changed the VTP mode to client from transparent, please make sure revision number is lower than the server.

Regards,

jerry

New Member

Re: CISCO 6509 VLANS

Jerry,

the ip default-gateway is this for the switch management ip address or the host ip address.

thanks

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

ip default-gateway is for the switch management. It has nothing to do with the host.

For example, when a host on VLAN100 is attached to the 3550, traffic will trunked to your 6500, if it wants to access anything outside VLAN100. It will use the ip address on the 6500's interface vlan 100 as its default router.

Regards,

jerry

New Member

Re: CISCO 6509 VLANS

ok, let's start with my basic switch configuration. Can you critic or say if this is correct?

en

vlan database

vtp transparent

apply

exit

Config t

hostname LV-126B-AC-181-194

!

enable secret 5 $1$27ar$DnvrYBhnNW5eyTF2JgHIe.

enable password 7 0307585A5E5A744058

!

username admin password 7 1414115A54517F2732

!no aaa new-model

!ip subnet-zero

!

ip domain-name lv.psu.edu

ip ssh version 2

!

int range f0/1 - 24

description academic

switchport access vlan 100

switchport mode access

!

interface GigabitEthernet0/1

description Trunk to Cisco6509 router

switchport trunk encapsulation dot1q

switchport mode trunk

no shut

!

interface GigabitEthernet0/2

switchport mode dynamic desirable

!

interface Vlan1

no shut

!

interface Vlan100

description Academic

ip address 172.31.181.194 255.255.255.192

ip default-gateway 172.31.181.193

no shut

ip classless

ip http server

ip http secure-server

!

!

!

banner motd #

*****************************************************

*****************************************************

** **

** WARNING: Unauthorized access to this system **

** is forbidden and will be prosecuted by law. **

** By accessing this system, you agree that your **

** actions may be monitored if unauthorized usage **

** is suspected. Only authorized Penn State **

** Lehigh Valley Campus **

*****************************************************

*****************************************************

#

!

line con 0

exec-timeout 0 0

line vty 0 4

password 7 1511085D5C7F7E283E

login local

transport input telnet ssh

line vty 5 15

password 7 094F4D584150421E1D

no login

!

end

wr

Cisco Employee

Re: CISCO 6509 VLANS

!

interface Vlan100

description Academic

ip address 172.31.181.194 255.255.255.192

no shut

!

ip default-gateway 172.31.181.193

no ip routing

New Member

Re: CISCO 6509 VLANS

As far the cisco router, the OS version use set commands and not the latest cisco IOS. what do I need to eliminated or add to this configuration?

SRVRM-6509-MSFC1#sh run

Building configuration...

Current configuration : 3547 bytes

!

! Last configuration change at 08:52:47 EDT Thu Jul 9 2009

! NVRAM config last updated at 17:08:29 EDT Wed Jul 8 2009

!

version 12.1

service timestamps debug datetime msec localtime

service timestamps log datetime msec localtime

service password-encryption

!

hostname SRVRM-6509-MSFC1

!

boot system bootflash:c6msfc2-psv-mz.121-13.E3.bin

boot bootldr bootflash:c6msfc2-boot-mz.121-13.E3.bin

no logging console

enable secret 5 $1$k3j8$vSFg2vXjmUMrtU/pxlCTX/

enable password 7 08121C430B0B0005424A

!

clock timezone EST -5

clock summer-time EDT recurring 2 Sun Mar 2:00 1 Sun Nov 2:00

clock calendar-valid

ip subnet-zero

!

!

!

!

!

!

interface Loopback0

ip address 10.5.12.1 255.255.255.255

!

interface Vlan1

description Management VLAN

ip address 172.31.181.189 255.255.255.192

no ip redirects

standby 1 ip 172.31.181.129

standby 1 priority 120

standby 1 preempt

!

interface Vlan100

description Lab 214 VLAN

ip address 146.186.50.253 255.255.255.0

no ip redirects

standby 1 ip 146.186.50.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan200

description LAB 200 VLAN

ip address 146.186.27.253 255.255.255.0

ip helper-address 146.186.27.3

no ip redirects

standby 1 ip 146.186.27.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan300

description Wireless Lan

ip address 172.31.13.254 255.255.255.0

no ip redirects

standby 1 ip 172.31.13.1

standby 1 priority 120

standby 1 preempt

!

ip classless

ip route 146.186.27.0 255.255.255.0 172.31.181.129

ip route 146.186.50.0 255.255.255.0 172.31.181.193

ip route 172.31.13.0 255.255.255.0 172.31.13.1

no ip http server

!

!

access-list 101 permit ip 146.186.27.0 0.0.0.255 0.0.0.0 255.255.255.0

access-list 102 permit ip 146.186.27.0 0.0.0.255 0.0.0.0 255.255.255.0

access-list 103 permit ip 146.186.27.0 0.0.0.255 0.0.0.0 255.255.255.0

access-list 105 permit ip 146.186.27.0 0.0.0.255 host 172.31.181.131

access-list 106 permit ip 146.186.27.0 0.0.0.255 host 172.31.13.10

access-list 107 permit ip 146.186.27.0 0.0.0.255 0.0.0.0 255.255.255.192

access-list 121 permit ip 172.31.181.0 0.0.0.255 172.31.13.0 0.0.0.255

snmp-server community BR0WSE RO

snmp-server community b0wl1ng RW

snmp-server community private RW

snmp-server community BROWSE RO

snmp-server enable traps snmp authentication warmstart

snmp-server enable traps slb real virtual csrp

snmp-server enable traps flash insertion removal

snmp-server enable traps hsrp

snmp-server enable traps config

snmp-server enable traps entity

snmp-server enable traps fru-ctrl

snmp-server enable traps bgp

snmp-server enable traps rsvp

snmp-server enable traps frame-relay

snmp-server enable traps rtr

snmp-server enable traps isdn call-information

snmp-server enable traps isdn layer2

snmp-server enable traps dlsw

snmp-server host 10.5.1.163 2

!

tacacs-server host 10.0.13.110

tacacs-server timeout 10

tacacs-server key 1cecacseng1key1

ntp clock-period 17179855

ntp source Loopback0

ntp master 2

ntp update-calendar

end

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

I finally see what is the problem. On your 3550 LV-126B-AC-181-194, you cannot assign Vlan100 with the IP address of 172.31.181.194. The reason is this Vlan100 is the same Vlan100 on your 6500, they cannot be o different IP subnet. Also, which is your default gateway for management Vlan? Which router is 172.31.181.193? I can only see your default to be 172.31.181.129.

To get the 3550 to work, this is what you can do:

no interface vlan100

!

interface Vlan1

description Academic

ip address 172.31.181.194 255.255.255.192

no shut

!

ip default-gateway 172.31.181.129

HTH,

jerry

New Member

Re: CISCO 6509 VLANS

Hi Jerry

I was assigned three subnets to manage the administrative switches, academic switches and the wireless switches.

Administrative switches 172.31.181.128/26

Academic Switches 172.31.181.128/26

Wireless Switches and APs 172.31.13.0/24

Do I use one address of the three subnets, or do I need to have a separate subnet for the router. And/or all network switches needs to be under one single subnet?

Thanks

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

Okay, let's talk about design. Since your Administrative switches and your Acadamic switches are in the same subnet, 172.31.181.128/26, they need to be on the same VLAN.

Since Wireless Switches and AP's are in 172.31.13.0/24, this need to be on a different VLAN.

I am assuming this is for management devices.

HTH,

jerry

New Member

Re: CISCO 6509 VLANS

ok,

If I understood correctly, the two subnets

172.31.181.128/26 and 172.31.181.192/26 needs to be let's say VLAN 200.

And, wireless network 172.31.13.0/24 on VLAN 300.

Now, before I carry away, I'm not sure if you notice the router has three vlans, 100, 200 and 300 with the gateway of each respective subnet.

thanks

Cisco Employee

Re: CISCO 6509 VLANS

Hi Pedro,

"172.31.181.128/26 and 172.31.181.192/26 needs to be let's say VLAN 200", these are two (2) different networks and they need to be on two (2) different VLAN, let's say 200 VLAN 201 and VLAN 202.

On your current 6500 configuration -

!

interface Vlan100

description Lab 214 VLAN

ip address 146.186.50.253 255.255.255.0

no ip redirects

standby 1 ip 146.186.50.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan200

description LAB 200 VLAN

ip address 146.186.27.253 255.255.255.0

ip helper-address 146.186.27.3

no ip redirects

standby 1 ip 146.186.27.1

standby 1 priority 120

standby 1 preempt

!

interface Vlan300

description Wireless Lan

ip address 172.31.13.254 255.255.255.0

no ip redirects

standby 1 ip 172.31.13.1

standby 1 priority 120

standby 1 preempt

!

You are using VLAN100 for Lab 214 and VLAN 200 for Lab 200. You cannot reuse this VLAN ID for other address, this is the reason why the two (2) 3550's (VLAN100 and VLAN200) cannot take the the default gateway. VLAN300 is correct by comparing from the information you gave me.

HTH,

jerry

1423
Views
25
Helpful
96
Replies
CreatePlease to create content