Cisco 3550 Switch VLAN Question

gjcluttrell · ‎03-15-2005

I have a problem & I can't figure it out to save my life!!! I have a Cisco 3550 switch with 1 VLAN. The VLAN is named VLAN 1 with ports 0/10, 0/11, 0/12. 0/13 in it. I have an ISA server on port 0/2. Any of the computers that are in VLAN 1 (in the ports mentioned above) can not access the ISA server in port 0/2 so they do not have internet access.

Here is my question, how can I allow my ISA server on port 0/2 have access to VLAN 1 so the computers in VLAN 1 can have internet access? I have read stuff from the Cisco website about adding the MAC to the VLAN but can not find the command to add the MAC of the ISA server to VLAN 1. Any advice will be greatly appreciated. Thanks in advance.

steve.busby · ‎03-15-2005

By default all ports are in VLAN1, if you haven't defined any other VLANs, then port 0/2 should also be in VLAN1.

Is port 0/2 enabled? Can any other devices besides the ones you listed above access the ISA server?

Also, have you placed an IP address on VLAN1? Are the devices in VLAN 1 and the ISA server in a common network?

gjcluttrell · ‎03-15-2005

I'm sorry, ports 0/10, 0/11, 0/12. 0/13 are in VLAN 5 not VLAN 1. All other ports are in the default VLAN 1. All other devices can access port 0/2 (where ISA is) except the ports in VLAN 5. The VLAN I created (VLAN 5) is isolated from the other ports like they are supposed to be. I am just confused about what I need to do to allow port 0/2 (ISA server) to have access to VLAN 5 & vise versa. I have the Cisco Network Assistant installed & am using it but have no clue how to do what I want with the Network Assistant or by using the CLI.

steve.busby · ‎03-15-2005

Well things make much more sense then :-)

Since you have the 3550, have you created the SVI for VLAN5, put an IP address on it and are the devices in VLAN5 also using this network, with VLAN5 IP address as their gateway?

Usually IP routing is on by default, but in case it's been shutoff, you can do "ip routing" in config mode.

HTH

Steve

gjcluttrell · ‎03-15-2005

Please excuse me for my ignornace but I just been introduced to switches in my network. I was given 2 Cisco Press books 2 weeks ago & was told to make it work. Those books are unreal information but I still need the hands on experience.

I have not created a SVI (or I don't think so) for VLAN 5. The IP I gave the switch is 10.1.250.50 & it is VLAN 1. All the computers that will be in VLAN 5 are on the same network just seperated from the other computers in VLAN 5 for extra security, it is a finance department.

Are you saying that I need to add another IP on VLAN 5? If I log into the switch & do the following will it do what I need it to do?

Switch# conf t

Switch(config)#int fa0/2

Switch(config-if)# switchport mode access

Switch(config-if)# switchport access vlan 5

Switch(config-if)#end

I think I am begining to understand. thanks

sukhwindersingh · ‎03-15-2005

Hi,

The commands that u have specified above will put int fa0/2 into vlan5 in this case your pc's in vlan 5 can access internet but other pc's will not be able to access internet as those are in vlan 1. What u need to do is you have to enable inter-vlan routing as you have 2 different vlans. For that you need to provide ip address to vlan5 also and specify that ip address as the default gateway for pc's in vlan5.

Here is the example:

Switch(config)#vlan 5

Switch(config-vlan)#name TEST

Switch(config-vlan)#ip address aa.bb.cc.dd 255.255.255.0

Switch(config-vlan)#exit

Switch(config)#ip routing

Then specify ip aa.bb.cc.dd as default gateway in all the pc's in vlan 5

hope this will help