Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2419
Views
0
Helpful
3
Replies

INTERCONNECT VLANS/TRUNK WITH CISCO1841 + HWIC-4ESW

Go to solution
Didier1966
Level 1
Level 1

‎11-21-2010 09:35 AM - edited ‎03-06-2019 02:08 PM

Hello,

The bellow configuration is working well (thanks to Jon) , but just for my knowledge I would like to connect 2 VLANS with each other and send ALL VLANS via a trunk on FA0/1 to my CISCO2950 SWITCH.

Is this possible ?

Thank You in advance for your help

PS: ANY IDEA WHY IT TAKE 45 SECONDS TO RECEIVE A IP ADDRESS ON THE HWIC-4ESW PORTS ?

!

! Last configuration change at 14:16:42 gmt+1 Sun Nov 21 2010 by admin

! NVRAM config last updated at 14:18:58 gmt+1 Sun Nov 21 2010 by admin

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname ROUTER1841

!

boot-start-marker

boot-end-marker

!

logging buffered 51200 warnings

enable password 7 05080F1C2243

!

aaa new-model

!

!

aaa authentication banner 

THIS SYSTEM IS SOLELY FOR USE OF AUTHORISED USERS FOR OFFICIAL PURPOSES

!

!

aaa session-id common

clock timezone gmt+1 1

clock summer-time gmt+2 recurring last Sun Mar 2:00 last Sun Oct 3:00

dot11 syslog

no ip source-route

ip cef

!

!

no ip dhcp use vrf connected

ip dhcp excluded-address 192.168.100.1 192.168.100.99

ip dhcp excluded-address 192.168.10.1

ip dhcp excluded-address 192.168.20.1

ip dhcp excluded-address 192.168.30.1

ip dhcp excluded-address 192.168.40.1

!

ip dhcp pool internal

   network 192.168.100.0 255.255.255.0

   default-router 192.168.100.1

   dns-server 192.168.100.1

   lease 5

!

ip dhcp pool vlan10

   import all

   network 192.168.10.0 255.255.255.0

   dns-server 8.8.8.8

   default-router 192.168.10.1

   lease 5

!

ip dhcp pool vlan20

   network 192.168.20.0 255.255.255.0

   dns-server 8.8.8.8

   default-router 192.168.20.1

   lease 5

!

ip dhcp pool vlan30

   network 192.168.30.0 255.255.255.0

   dns-server 8.8.8.8

   default-router 192.168.30.1

!

ip dhcp pool vlan40

   network 192.168.40.0 255.255.255.0

   default-router 192.168.40.1

   dns-server 192.168.40.1

!

!

no ip bootp server

ip domain name dri.be

ip ddns update method DynDNS

HTTP

  add http://dri66:xxxxxxxxxxmembers.dyndns.org/nic/update?system=dyndns&hostname=cisco1841.dyndns.info&myip=<a>

interval maximum 1 0 0 0

interval minimum 1 0 0 0

!

multilink bundle-name authenticated

!

crypto pki trustpoint TP-self-signed-2996752687

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2996752687

revocation-check none

rsakeypair TP-self-signed-2996752687

!

!

!

!

username didier privilege 15 password 7 xxxxxxxxxxxxxxxxxxxx

username Admin privilege 15 secret 5 xxxxxxxx

username Homer privilege 15 password 7 xxxxxxxxxxxxxx

archive

log config

  hidekeys

!

!

ip ssh time-out 60

ip ssh authentication-retries 2

ip ssh port 8096 rotary 1

ip ssh version 2

!

!

!

interface FastEthernet0/0

description DMZ

ip ddns update hostname cisco1841.dyndns.info

ip ddns update DynDNS

ip address dhcp

no ip unreachables

no ip proxy-arp

ip nat outside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/1

description INTERNAL$ETH-LAN$

ip address 192.168.100.1 255.255.255.0

no ip proxy-arp

ip nat inside

ip virtual-reassembly

duplex auto

speed auto

!

interface FastEthernet0/0/0

switchport access vlan 10

!

interface FastEthernet0/0/1

switchport access vlan 20

!

interface FastEthernet0/0/2

switchport access vlan 30

!

interface FastEthernet0/0/3

switchport access vlan 40

!

interface Vlan1

no ip address

!

interface Vlan10

ip address 192.168.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Vlan20

ip address 192.168.20.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Vlan30

ip address 192.168.30.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

interface Vlan40

ip address 192.168.40.1 255.255.255.0

ip nat inside

ip virtual-reassembly

!

ip forward-protocol nd

!

!

ip http server

ip http authentication local

ip http secure-server

ip dns server

ip nat inside source list 101 interface FastEthernet0/0 overload

!

access-list 101 permit ip 192.168.100.0 0.0.0.255 any

access-list 101 permit ip 192.168.10.0 0.0.0.255 any

access-list 101 permit ip 192.168.20.0 0.0.0.255 any

access-list 101 permit ip 192.168.30.0 0.0.0.255 any

access-list 101 permit ip 192.168.40.0 0.0.0.255 any

no cdp run

!

!

!

control-plane

!

!

banner exec 

WELCOME YOU ARE NOW LOGED IN

banner login 

WARNING !!!

IF YOU ARE NOT :

Didier Ribbens

Please Leave NOW !!!

YOUR IP and MAC address will be LOGGED !!!

!

line con 0

speed 115200

line aux 0

line vty 0 4

access-class 5 in

privilege level 15

rotary 1

transport input telnet ssh

line vty 5 15

access-class 5 in

rotary 1

!

scheduler allocate 20000 1000

ntp clock-period 17178501

ntp server 66.27.60.10

end

Labels:
0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎11-21-2010 10:21 AM

Didier

The bellow configuration is working well (thanks to Jon) , but just for my knowledge I would like to connect 2 VLANS with each other and send ALL VLANS via a trunk on FA0/1 to my CISCO2950 SWITCH.

Is this possible ?

Thank You in advance for your help

PS: ANY IDEA WHY IT TAKE 45 SECONDS TO RECEIVE A IP ADDRESS ON THE HWIC-4ESW PORTS ?

If you want to connect to 2950 switch and send multiple vlans you can use subinterfaces on fa0/1 but as you have an HWIC-ESW then a better solution is to connect one of the HWIC-ESW ports to the 2950 switch and configure the port as -

int fa0/0/3

switchport mode trunk

switchport trunk encapsulation dot1q

and then configure the 2950 port as -

int fa/01

switchport mode trunk

as for the 45 seconds - add this to your HWIC-ESW ports in your config -

int fa0/0/0

spanning-tree portfast

Note if you do use one of the HWIC-ESW ports to connect to the 2950 as a trunk link do not configure "spanning-tree portfast" on that port.

Jon

View solution in original post

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Didier1966

‎11-22-2010 10:07 AM 

Didier1966 wrote:
Hi Jon,
Thanks AGAIN 
It works.
Do you know how I can route LAN 10 and LAN 20 ,I just like to share the printer that I have in LAN 20 with IP 192.168.20.100 to LAN 10.
All other traffic is forbidden.
Thank you in advance for your help 
PS: Is it not possible to use FA0/1 ?
Best Regards,
Didier

Didier

access-list 101 permit ip 192.168.10.0 0.0.255 host 192.168.200.10

access-list 101 deny ip 192.168.10.0 0.0.0.255 192.168.200.0 0.0.0.255

access-list 101 permit ip any any

int vlan 10

ip access-group 101 in

note i have used "permit ip" to host 192.168.200.10 but if you know all the printer ports used then you can be more specific. Note also that with windows if the printers is in active directory and the active directory servers are in vlan 20 you may need to add additional access.

You can use fa0/1 but with the HWIC-ESW it would be the wrong solution.

Jon

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame

‎11-21-2010 10:21 AM

Didier

The bellow configuration is working well (thanks to Jon) , but just for my knowledge I would like to connect 2 VLANS with each other and send ALL VLANS via a trunk on FA0/1 to my CISCO2950 SWITCH.

Is this possible ?

Thank You in advance for your help

PS: ANY IDEA WHY IT TAKE 45 SECONDS TO RECEIVE A IP ADDRESS ON THE HWIC-4ESW PORTS ?

If you want to connect to 2950 switch and send multiple vlans you can use subinterfaces on fa0/1 but as you have an HWIC-ESW then a better solution is to connect one of the HWIC-ESW ports to the 2950 switch and configure the port as -

int fa0/0/3

switchport mode trunk

switchport trunk encapsulation dot1q

and then configure the 2950 port as -

int fa/01

switchport mode trunk

as for the 45 seconds - add this to your HWIC-ESW ports in your config -

int fa0/0/0

spanning-tree portfast

Note if you do use one of the HWIC-ESW ports to connect to the 2950 as a trunk link do not configure "spanning-tree portfast" on that port.

Jon

0 Helpful

Go to solution
Didier1966
Level 1
Level 1
In response to Jon Marshall

‎11-22-2010 09:53 AM

Hi Jon,

Thanks AGAIN

It works.

Do you know how I can route LAN 10 and LAN 20 ,I just like to share the printer that I have in LAN 20 with IP 192.168.20.100 to LAN 10.

All other traffic is forbidden.

Thank you in advance for your help

PS: Is it not possible to use FA0/1 ?

Best Regards,

Didier

0 Helpful

Go to solution
Jon Marshall
Hall of Fame
Hall of Fame
In response to Didier1966

‎11-22-2010 10:07 AM 

Didier1966 wrote:
Hi Jon,
Thanks AGAIN 
It works.
Do you know how I can route LAN 10 and LAN 20 ,I just like to share the printer that I have in LAN 20 with IP 192.168.20.100 to LAN 10.
All other traffic is forbidden.
Thank you in advance for your help 
PS: Is it not possible to use FA0/1 ?
Best Regards,
Didier

Didier

access-list 101 permit ip 192.168.10.0 0.0.255 host 192.168.200.10

access-list 101 deny ip 192.168.10.0 0.0.0.255 192.168.200.0 0.0.0.255

access-list 101 permit ip any any

int vlan 10

ip access-group 101 in

note i have used "permit ip" to host 192.168.200.10 but if you know all the printer ports used then you can be more specific. Note also that with windows if the printers is in active directory and the active directory servers are in vlan 20 you may need to add additional access.

You can use fa0/1 but with the HWIC-ESW it would be the wrong solution.

Jon

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card