cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
19059
Views
0
Helpful
7
Replies

SG300 and SG200 VLAN Trunk

CT_Dude
Level 1
Level 1

Hi

Would be nice if someone could show us the light at the end of the tunnel.

Got 4 Cisco Switches 2 x SG300 and 2 x SG200.

All the switches are connected via fibre cable to each other.

Trying to setup 2 VLAN's on the switch :

1st VLAN normal network traffic.

2nd VLAN geust wireless traffic.

The ports on the switches connected with fibre cable are set to Trunk ports.

How do you need to setup the 2 different VLAN's so they can still communicate over the Trunk ports to the other switches?

Attached some images of how we got it setup at the moment.

But had no success on getting this working yet.

7 Replies 7

CT_Dude
Level 1
Level 1

Not sure if this is the correct way to do it but got it working as follow.

Fibre ports left as Trunk ports and tagged in VLAN15.

Changed the WIFIDMZ vlan to General VLAN 15 and admit all traffce.

VLAN 1 changed port of WIFIDMZ to forbidden and tagged in VLAN15.

Wifi network (dhcp) working over the Trunk ports now between the 2 switches.

Hi,

Congratulations, not the way I would have done it but obviously it's working and you are happy and that is the main thing...

You said say it is mainly working , which tells me that the;

  1. fiber ports are correctly connected between switches and working.
  2. the default vlan is correctly connected i guess to allow you to manage all switches.

Personally I would have;

  • made sure each switch is at the current version of firmware,

  • left all switch ports in  trunk mode and not altered any ports to general mode.

  • Trunk mode allows for one untagged vlan and many tagged vlans.

  • If you were in the VLAN>Interface setting page, tby clicking help, page specific help would pop up explaining the options..

  • If the Access Point (AP) is VLAN aware I would have tagged the switch port it is connected to for VLAN15 and left VLAN 1 there as a untagged port so you could manage the AP.
  • Used these wonderful switch Access-list functionality to restrict access so that wireless Guest could not access VLAN 1.

DHCP should be working on the default VLAN, but vlan 15 needs to be trunked to a vlan aware router that can provide DHCP services and NAT services for the wireless guests. Something as simple as a Cisco Small Business  RV220W or even RV120W could act as a VLAN aware router , depending on the network size.

What follows is a link that may provide you with some extra hints and a recording i made to show how I set up LAG between two switches.

https://supportforums.cisco.com/thread/2079258

Again thank you for your business.

regards Dave

Hi David

Thank you for the reply.

We found out that the way we set it up is only working on the SG300.

Still trying to find out why.

Switches connected as follow.

SG200 - SG300 - SG300 - SG200 - SG200.

So if you have a port setup on VLAN 15 on both the SG300 it works.

As soon as we try to put a VLAN 15 on SG300 and then on SG200 the devices can't communicate to each other on VLAN 15.

Might go the tagged and untagged way leaving all ports as trunk if we can't get the SG300 to talk to SG200 on the same VLAN.

Still having issues with VLAN between SG200 and SG300.

Can anyone shine some light on this?

Hello Cillie,

From reading the post it looks like you have two VLAN's.

Native ? VLAN 1 for your network

and

WIFIDMZ VLAN 15 for the WIFI network

If that is all of the VLAN's and the numbers are correct, I would setup all connecting ports as Trunk, with PVID as 1 untagged, and 15 as tagged.

Things that could cause issues is level 2 loops and spanning-tree. Make sure you set a switch to the root bridge. This can be done by setting one of the switches root priority from the default 32768 to 4096 or even 0. The value needs to be an increment of 4096.

If you are still not able to get this to work, I would recommend calling in and talking with a support engineer. We may need to look at the current configuration in order to find more information. the number to call in and create a case is 1-866-606-1866

Hope this helps

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

Hi Randy

Thank you for replying.

Reason why I can't leave everything in Trunk is that in future we will probably create another VLAN.

Forgot to mention this, sorry.

Can you still have 3 VLAN's and put all ports to Trunk?

Hi Cillie,

I am not aware of any limit on how many vlans are allowed on a trunk you should be able to have all Vlans pass. Just add the vlan to the trunk as tagged on both sides. The most I have seen is 100 vlans, it was only a test environment but it was working.

hope this helps.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Switch products supported in this community
Cisco Business Product Family
  • CBS110
  • CBS220
  • CBS250
  • CBS350
Cisco Switching Product Family
  • 110
  • 200
  • 220
  • 250
  • 300
  • 350
  • 350X
  • 550X