Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Intervlan routing problem

My objetive is to have 2 vlans working, one for the users and the other for remote administration.

I have one router and one switch layer 2

I tried to configure the router and the switch in this way but I could not have the 2 vlans up at the sime time in the switch

This are my configs

Router

interface FastEthernet0/0

no ip address

duplex auto

speed auto

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.10.10.15 255.255.255.0

no snmp trap link-status

!

interface FastEthernet0/0.16

encapsulation dot1Q 16

ip address 172.16.16.1 255.255.255.0

no snmp trap link-status

!

interface FastEthernet0/0.99

encapsulation dot1Q 99

ip address 192.168.180.50 255.255.255.0

no snmp trap link-status

Switch

interface FastEthernet0/23

switchport mode trunk

no ip address

interface Vlan1

ip address 10.10.10.12 255.255.255.0

no ip route-cache

shutdown

!

interface Vlan16

ip address 172.16.16.5 255.255.255.0

no ip route-cache

shutdown

interface Vlan99

ip address 192.168.180.49 255.255.255.240

no ip route-cache

CAn you help me, please

!

9 REPLIES

Re: Intervlan routing problem

Since your switch is layer 2, it can only have 1 ip address (for management). You switch does not need multiple IP's because your router is the default gateway for each VLAN.

HTH and please rate.

Hall of Fame Super Silver

Re: Intervlan routing problem

Hernan

To supplement the answer by Collin, I believe that it is helpful to understand on layer 2 switches the difference between having VLANs and having VLAN interfaces. You can have multiple VLANs on a layer 2 switch (you assign various switch ports as access ports on particular VLANs). When you define a VLAN interface it is different from definging a VLAN. A VLAN interface is a virtual interface or a layer 3 interface on the switch. You can configure an IP address on the VLAN interface for management purposes. You can have onle 1 active VLAN interface on the switch while you may have multiple active VLANs. While layer 3 switches may have multiple VLAN interfaces a layer 2 switch can have only 1 VLAN interface.

HTH

Rick

New Member

Re: Intervlan routing problem

ok, I need a vlan interface for management but this IP must be different from the users vlan ip address...

for example users ip's 10.10.10.0/24

vlan int for management 172.16.1.1/32

how can I configure this?

thanks for your help

Cisco Employee

Re: Intervlan routing problem

Hi Friend,

AFAIK you will not be able to assign /32 mask on layer 2 switch for any vlan.

IF you issue /32 subnet mask it will prompt you a message as "Bad mask /32 for address 172.16.1.1"

What you can do is configure

interface vlan

ip address x.x.x.x x.x.x.x

You can use any vlan number which does not belong to user vlan and you will be able to manager your switch but because intervlan routing is configured on your router user from there vlan also will be able to access your layer 2 switch after gettting routed from router till the time you configure some ACLs on router subinterface.

HTH

Ankur

Hall of Fame Super Silver

Re: Intervlan routing problem

I would ask Hernan if the user addresses are in 10.10.10 then why does the management address need to be in 172.16? Why not just pick some address in 10.10.10 that does not duplicate a user address and use that for management? That would simplify having to configure another interface on the switch and another interface on the router.

HTH

Rick

New Member

Re: Intervlan routing problem

This is what you are propossing?

Router

interface FastEthernet0/0

no ip address

duplex auto

speed auto

interface FastEthernet0/0.1

encapsulation dot1Q 1 native

ip address 10.10.10.15 255.255.255.0

no snmp trap link-status

!

interface FastEthernet0/0.99

encapsulation dot1Q 99

ip address 192.168.180.49 255.255.255.240

no snmp trap link-status

Switch

interface FastEthernet0/23

switchport mode trunk

no ip address

interface Vlan1

ip address 10.10.10.12 255.255.255.0

no ip route-cache

shutdown

!

interface Vlan99

ip address 192.168.180.50 255.255.255.240

no ip route-cache

Cisco Employee

Re: Intervlan routing problem

Hi Friend,

Sweet, simple configuration always look good.

This will work fine.

Regards,

Ankur

New Member

Re: Intervlan routing problem

Hi Rick,

you are right on Layer 2 switch can only have 1 VLAN interface. but i understood from friend of mine that you can configuring spanning tree protocol to go about it. is that true?

thanks

J

Hall of Fame Super Silver

Re: Intervlan routing problem

J

I am not sure that I understand what you are saying. It is true that a layer 2 switch can have only 1 active layer 3 interface (VLAN interface) with an IP address assigned. And it is true that you can configure spanning tree to operate on multiple layer 2 VLANs on the layer 2 switch.

If your comment is about something else then perhaps you can clarify.

HTH

Rick

212
Views
0
Helpful
9
Replies