Hi all, I am trying to set up a VLAN on my network which will be for servers and other resources (not clients) and I am having quite a bit of trouble getting it to work. I have set up VLANs before with Dell PowerConnect and 3Com switches but we have since switched entirely to Cisco Small Business switches and I am running into a wall apparently. Here is our current configuration: Multiple Cisco small business switches (SG200, SG300, SG500) and those all reside on the original flat network of 192.168.2.x with a management IP address for each switch on the VLAN1 default of each switch. So for example, the SG200 has 192.168.2.10, the SG300 has 192.168.2.20 and the SG500 has 192.168.2.30.
I have gone into each switch by using those management IP addresses and configured a new VLAN with the ID of 3 on each switch (VLAN3 which is on a subnet of 192.168.200.x). So what I would like to end up with, is keeping our original network the same for clients and other resources, and then placing certain server systems on the new VLAN3 to keep them in their own broadcast domain but still accessible from the client computers. So I'd like both the original LAN and the new VLAN3 to talk to each other. I think I must not understand the way these Cisco switches utilize ports that are "tagged" vs. "untagged" vs "excluded" because when I tag a port for VLAN3 and then tag another port on another switch also for VLAN 3 and so on, and so on, I cannot communicate from 192.168.2.x to VLAN3 which is 192.168.200.x.
Can anybody give me a basic overview of VLANing on these small business switches? Do I need to change port types to "access" instead of trunk? They all are trunk by default. Do the uplink ports to the other switches need to be tagged or untagged? I know this all sounds so novice, but I have set VLANs up several times with older 3Com and Dell switches without issue.
The tagging and untagging, access and trunk ports are related to layer 2 functionality, and what you actually need is layer 3 functionality.
SG300 or SG500 switches can be set as layer 3 devices (this is not, however, the default setting). So please choose which device will act as the router on your network. You will need to configure VLAN 3 (layer 2 interface) and an IP address for VLAN 3 (layer 3 interface on this switch) in addition to the existing VLAN 2 interface. Please ensure that the default gateway settings of all hosts and servers point to this switch acting as router. And you should be ready to go.
This is the basic idea; however, if you have problems applying this idea to a real network, I would recommend that you contact our Cisco Small Business Support Center, and they will be happy to assist you:
Thank you for your response! I am still attempting to get this dialed in with a little luck, but I am not all the way there. Let me explain a bit more how I have it all set up and perhaps you can help further. I will explain the topology and ask questions right after each segment:
I am using a Sonicwall port as the "router port" for this VLAN, even though I know I could use the switch itself. The main reason I decided to go this route is because my other VLAN (VLAN2) which is currently in use on the network is following the exact same model/principle. From the Sonicwall port, I have a cable running into an SG500 switch on port 23. How should that port be assigned/tagged in order for VLAN3 to begin working correctly? Trunk? Tagged for VLAN3 or untagged?
From there, I have an SFP+ transceiver on port XG1 which leaves that switch and connects to another switch (SG300) on SFP+ port g10. How should that one be tagged, etc?
From there I have an Ethernet cable running from port 5 on the SG300 into another SG500 on port 13. How should both of those be tagged, etc?
All of the devices I want in VLAN3 will be underneath/connecting to this last SG500 switch, with only one device at the moment connecting into SFP+ port XG1. Should it be tagged or set up a certain way? Trunk, access?
I know this is a lot of info and I apologize for the headache, but any help would be so appreciated!
Your suggestions worked like a charm. I think I was getting hung up on the "untagging" versus "excluded". When I untagged the port coming from the Sonicwall and changed all those ports to access it seemed to do the trick. I'll let you know if I need any more expertise. Thank you Aleksandra!
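The tagged/untagged/excluded behaviour discussed in this thread, as an added example that is not part of any post: a simplified 802.1Q model in plain Python that walks an untagged frame from the SonicWall port along the SG500 → SG300 → SG500 path. The `Port`, `access`, `trunk`, `walk`, `path` and `scenarios` names are hypothetical, a trunk is assumed to carry VLAN 1 untagged, and the tagged-uplink and mismatched-uplink cases go beyond what the posters describe.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    name: str
    pvid: int = 1                                # VLAN given to untagged frames on ingress
    members: dict = field(default_factory=dict)  # vlan -> "T"/"U"; missing = excluded

def access(name, vlan):   # access port: untagged member of a single VLAN
    return Port(name, pvid=vlan, members={vlan: "U"})

def trunk(name, tagged):  # assumed trunk: VLAN 1 untagged, listed VLANs tagged
    return Port(name, pvid=1, members={1: "U", **{v: "T" for v in tagged}})

def walk(hops, tag=None):
    """hops: one (ingress_port, egress_port) pair per switch, in path order.
    Returns the VLAN each switch forwarded the frame in; 'DROP' marks a discard."""
    trace = []
    for inp, out in hops:
        vlan = inp.pvid if tag is None else (tag if tag in inp.members else None)
        mode = out.members.get(vlan)
        if vlan is None or mode is None:     # ingress filtered, or egress port excluded
            return trace + ["DROP"]
        trace.append(vlan)
        tag = vlan if mode == "T" else None  # tag carried on the next link
    return trace

def path(edge, uplink):
    # Constructed topology; port names follow the thread (SonicWall -> ... -> server)
    return [(edge("SG500-A/23"), uplink("SG500-A/XG1")),
            (uplink("SG300/g10"), uplink("SG300/5")),
            (uplink("SG500-B/13"), edge("SG500-B/XG1"))]

def scenarios():
    acc3 = lambda n: access(n, 3)
    trk3 = lambda n: trunk(n, [3])
    acc1 = lambda n: access(n, 1)
    mismatched = path(acc3, trk3)[:1] + [(acc1("SG300/g10"), acc1("SG300/5"))]
    return {
        "all ports trunk, VLAN 3 tagged": walk(path(trk3, trk3)),
        "all ports access VLAN 3": walk(path(acc3, acc3)),
        "edge access, uplinks tagged": walk(path(acc3, trk3)),
        "SG300 uplink excluded from VLAN 3": walk(mismatched),
    }

if __name__ == "__main__":
    for name, trace in scenarios().items():
        print(f"{name:36} -> {trace}")
```

With every port left as a trunk that only tags VLAN 3, the untagged frame from the firewall is classified into VLAN 1 at the first switch and never enters VLAN 3, which matches the symptom in the first post.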