Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Vlan using Catalyst 3560

Hi,

I am trying to create VLANs to segment the company network to cater for grow. I have found this document (id: 41860) “How to configure intervlan routing on layer 3 switches” and found it is close to my requirement. I have follow the steps and tried on a catalyst 3560. But I am not able to get the desired result. I can't ping between the VLANs. At the VLANs I can't connect to internet. What have I done and what have I not done? Attached are the running-config and ip routing.

help would be appreciated

thanks

26 REPLIES

Re: Vlan using Catalyst 3560

hi,

Please issue the ip routing command (its not enable by dedfault in L3 switches) in global config mode and remove the deafualt gateway command with no default gateway 10.1.23.251.

Also you have not assign any ports to the vlans.

Use following command to access the vlans

sw(conf-if)#switchport mode access

sw(conf-if)#switchport access vlan (vlan no.)

do you have more than 1 switch over which these vlans have members? Use trunking between them.

for ur reff:

http://www.cisco.com/en/US/tech/tk389/tk815/technologies_configuration_example09186a008019e74e.shtml

HTH,

regards,

shri :)

New Member

Re: Vlan using Catalyst 3560

thanks shri,

i have tried what you suggested and i assume for the time being 3560 is the only switch in my network. i still can't ping across the vlans.

you advise would be appreciated

Joseph

Cisco Employee

Re: Vlan using Catalyst 3560

Hi Joseph,

I will like to know from where are you trying to ping and to whom? You should be able to ping from vlan 3 to vlan 1 and vice versa and not anything else. I even don't see the default route installed in your routing table.

You have configured a route "ip route 0.0.0.0 0.0.0.0 192.168.23.251" can you confirm 192.168.23.251 is your next hop? Also can you check the status of "sh interface gig0/1" and check if the interface is up and up.

Also try to ping 192.168.23.251 and see if it is reachable?

Regards,

Ankur

Re: Vlan using Catalyst 3560

hi joseph

I agree with ankur please check the status of your interfaces with sh ip int brie command (including your vlan interfaces).In case they are down give no shut command.If you are testing this config and want to that interface hsould not be down then under interface submode give no keepalive command.

Is 192.168.23.251 reachable?

From your sh ip rou output i suspect that only vlan 1 and vlan 3 interfaces are up.

Issue the no shut command under gig0/1.As well as under other interfaces such as the interfaces you have assigned to particular vlans.

HTH,

regards,

shri :)

Purple

Re: Vlan using Catalyst 3560

I don't see anywhere in your config where you have created the layer 2 vlan definition . Add the following. Also if you don't have at least one interface in each vlan that is active the layer 3 interfaces will be up/down and you will not be able to ping those.

conf t

vlan 2

vlan 10

vlan 3

exit

wr mem

Cisco Employee

Re: Vlan using Catalyst 3560

Hi Glen,

If he would have created vlans going to vlan database mode then it will not show up in running config. Also I believe they are created at layer2 level because I can see few vlans in routin table and they will only come in routing table when interfaces are up and interfaces will only be up if vlans are present in vlan database.

Regards,

Ankur

New Member

Re: Vlan using Catalyst 3560

Hi All,

thanks!

i have made changes based on your suggestions. now i'm able to ping between the vlans. however, i still not able to ping devices connected at port 1 with ip address 192.168.23.253. for example i can ping 192.168.23.251 which is my internet router connected at port 1.

whats go wrong, pls. help thanks in adv

Joseph

Cisco Employee

Re: Vlan using Catalyst 3560

Hi Friend,

I was not able to understand your problem completely here. Can you please confirm from which subnet you are trying to ping and to which subnet.

I mean what is your source ip address and which is your destination ip address?

Regards,

Ankur

New Member

Re: Vlan using Catalyst 3560

hi,

10.1.3.1 ping 10.1.2.1 both ways ok

10.1.3.1 or 10.1.2.1 ping 192.168.23.253 pot 1 ok

but problem ping the device connected at port 1 e.g. my internet router 192.168.23.251 connected to port 1 and i'm not able to ping from other subnet thus not internet connection for other subnet.

thanks

Cisco Employee

Re: Vlan using Catalyst 3560

Hi Friend,

When you try to ping your internet router which is 192.168.23.251 from other subnet like vlan 1 and vlan 2 subnet, does this router have reverse router for vlan 1 and vlan 2 subnet.

I am sure this router is missing the route back to your local subnets.

Can you confirm your internet router with routes back to your vlan 1 and vlan 2 subnets something like this

ip route 10.1.23.0 0.0.0.255 192.168.23.253

ip route 10.1.2.0 0.0.0.255 192.168.23.253

Add these routes on yoru internet router and you will be able to ping your internet router from your vlan 1 and vlan 2 subnet. If it is configured with NAT then you will be able to ping internet also.

HTH

Ankur

*Pls rate all helpfull post

New Member

Re: Vlan using Catalyst 3560

Hi Ankur,

thanks for your help, can ping already after adding routing at router.

now! my live network is in 192.168.23.0 subnet and i intend to keep it the same. i tried changing the vlan1 ip address from 10.1.23.1 to 192.168.23.1 thinking ports under the vlan1 can used for clients in the said subnet. but i received message saying "192.168.23.0 overlaps with Gigabitethernet0/1". how do i resolve this? thanks in adv

Joseph

Cisco Employee

Re: Vlan using Catalyst 3560

Hi Joseph,

What you are trying to do is having 2 different interface in same subnet which is not possible. Your gig0/1 is a routed interface and already have an ip address in 192.168.23.0 subnet and now when you try to configure your vlan 1 interface with same subnet ip address you will get this message.

As of now your vlan 1 and vlan 2 are getting routed to your internet link via gig0/1 and I think it is fine enough. Would you like to change you existing setup and if yes what excactly you are looking for?

Regards,

Ankur

New Member

Re: Vlan using Catalyst 3560

hi ankur,

with the new 3560 switch i would like to keep the existing subnet 192.168.23.0 and the internet router setting 192.168.23.251. i would like to make use of the vlan to cater for the grow of the network. all deivces on the new vlan should able to connect to the internet via the internet router above. also they should able to communicate with devices in the 192.168.23.0 subnet

thanks in adv

Joseph

Cisco Employee

Re: Vlan using Catalyst 3560

Hi Joseph,

One way can be you assign 192.168.23.1 ip address to your vlan 1 and gig0/1 which is a layer 3 interface connected to internet router , you change that interface to layer 2 interface and assign it as vlan 1.

interface gig0/1

switchport mode access

switchport access vlan 1

In this case your subnet 192.168.23.0 will exist in your network on 3560 as a part of vlan 1 and in future you can create any vlans to scale your network and they will be able to route to your internet router and go on internet.

Only thing you need to change on your internet router is reverse routes back to your vlans and add one defaut route on your 3560 switch to go to internet router.

HTH

Ankur

*Pls rate all helpfull post

New Member

Re: Vlan using Catalyst 3560

thanks ankur,

i can't get he switchport acces vlan1 into interface gig0/1. anyway the switch is working the way i want. i have any question, how do i configure the switch as dhcp server and issue ip address to clients according to the vlan. e.g. a clients connected to vlan 10 it will get the ip 10.1.10.88, a client connected to vlan 1 it will get the ip 10.1.1.99.

thanks in adv

Joseph

Cisco Employee

Re: Vlan using Catalyst 3560

Hi Joseph,

You have to create seperate DHCP pools for different subnets. Something liket

Switch(config)#service dhcp

Switch(config)#ip dhcp pool

Switch(dhcp-config)#network

Switch(dhcp-config)#default-router

This way you have to create pool for each and every subnet you want and then later exclude the address which you have used for gatway for that subnet.

Switch(config)#ip dhcp excluded-address

HTH

Ankur

*Pls rate all helpfull post

New Member

Re: Vlan using Catalyst 3560

Hi Ankur,

thank you dhcp work for subnet. going further, how do i assigning ip base on client mac address with the subnet.

thanks in adv

Joseph

New Member

Re: Vlan using Catalyst 3560

Hi,

I can't ping any ip at the other side of the wan link e.g. 192.168.22.0 from my vlan e.g. vlan46. i'm in 192.168.23.0 with switch 3560 configured with vlan46 with ip 10.1.46.0. the wan link is connected with lease line and routers.

thanks in adv

New Member

Re: Vlan using Catalyst 3560

i'm having the same problem if u solve it tell me plz

New Member

Re: Vlan using Catalyst 3560

Re: Vlan using Catalyst 3560

hi,

hi

An address binding is a mapping between the IP address and MAC address of a client. The IP address of a client can be assigned manually by an administrator or assigned automatically from a pool by a DHCP server.

Manual bindings are IP addresses that have been manually mapped to the MAC addresses of hosts that are found in the DHCP database. Manual bindings are stored in NVRAM on the DHCP server. Manual bindings are just special address pools. There is no limit on the number of manual bindings, but you can only configure one manual binding per host pool.

reffer following link for IOS 12.2 mailline:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_configuration_guide_chapter09186a00800ca75c.html#wp1001108

HTH

regards,

shri :)

New Member

Re: Vlan using Catalyst 3560

Hi,

thanks!

tried but with this error after entering host .

"This command may not be used with network pools."

search cisco with the error but can't find any related doc. any help?

thanks in adv

Joseph

Re: Vlan using Catalyst 3560

hi,

have you craeted the host pool? To configure a manual binding, first create a host pool, then specify the IP address of the client and client identifier or hardware address.

example:

The following example creates a manual binding for a client named Mars.cisco.com. The MAC address of the client is 02c7.f800.0422 and the IP address of the client is 172.16.2.254.

ip dhcp pool Mars

host 172.16.2.254

hardware-address 02c7.f800.0422 ieee802

client-name Mars

Cisco IOS DHCP Client Example

On the DHCP Server, the configuration is as follows:

ip dhcp pool 1

network 10.1.1.0 255.255.255.0

lease 1 6

On the DHCP client, the configuration is as follows on interface E2:

interface Ethernet2

ip address dhcp

This configuration allows the DHCP client to aquire an IP address from the DHCP Server through an Ethernet interface.

this from the same document i have posted previously.

HTH,

regards,

shri :)

New Member

Re: Vlan using Catalyst 3560

hi,

i'm still having the same problem! below are the command used:

no aaa new-model

clock timezone UTC 8

system mtu routing 1500

ip subnet-zero

ip routing

ip dhcp excluded-address 10.1.46.1

ip dhcp excluded-address 10.1.47.1

!

ip dhcp pool pool46

network 10.1.46.0 255.255.255.0

default-router 10.1.46.1

dns-server 192.168.23.228 192.168.23.205

!

sw3560-253#configure t

Enter configuration commands, one per line. End with CNTL/Z.

sw3560-253(config)#ip dhcp pool pool46

sw3560-253(dhcp-config)#host 10.1.46.113

% This command may not be used with network pools.

thanks

Joseph

Re: Vlan using Catalyst 3560

hi,

You can not configure manual bindings within the same pool that is configured with the network command.In your case you have created the pool46 with the network command hence you can not used it for manual binding.

For manual binding you have to create a different host pool per host.

try again with the differnt host pool :

example:

ip dhcp pool Mars

host 172.16.2.254 mask 255.255.255.0 (this mask is used by the dhcp cleint(host))

hardware-address 02c7.f800.0422 ieee802(mac address)

client-name Mars

default-router 172.16.2.100 172.16.2.101

domain-name cisco.com

dns-server 172.16.1.102 172.16.2.102

HTH,

regards,

shri :)

New Member

Hi,

Hi,

How many settings I can make a manual bindings in the DHCP configurations using Switch Catalyst 3560G with IOS 12.2(50) ?

Thanks,

Sergio.

485
Views
8
Helpful
26
Replies