VLAN trunking from Cisco Catalyst 3750 to Cisco SF300-48P issue and related
I'm having difficulties to configure VLAN trunking between Cisco Catalyst 3750 switch with Cisco SF300-48P switch and my workstation unable to get any DHCP IP from our DHCP server via Cisco SF300-48P switch. Below is the snippet of configuration on both switches:
[Cisco Catalyst 3750 Switch]
interface GigabitEthernet1/0/45 description NCC-CC-1stFlr no switchport trunk encapsulation dot1q no switchport trunk allowed vlan 101-103 spanning-tree portfast
[Cisco SF300-48P Switch]
interface fastethernet48 spanning-tree link-type point-to-point switchport trunk allowed vlan add 101-103 macro description switch !next command is internal. macro auto smartport dynamic_type switch ! interface fastethernet29 switchport mode general switchport general allowed vlan add 103 tagged switchport general pvid 103
for the trunk port on Catalyst on port GE 1/0/45, we need to enable the trunk and for on encapsulation dot1q because this catalyst model is ISL capable also and the SF300 working only with Dot1q Encapsultion
The configuration on catalyst should :
#interface Gi 1/0/45
# switchport encapsulation
#switchport trunk encapsulation dot1q
#switchport mode trunk
#switchport trunk allowed vlan 101-103
For SF300 the port trunk it looks fine but for the port where the PC should receive an IP address
On the other hand, Cisco SF300-48P switch has three port mode: General, Access, Trunk. Does these mode similar to normal Cisco switch VLAN's port mode? and what 'General' port mode means? I noticed there's a command called 'protected' port mode on the switch as well.
General port allows to configure ports as trunk, access and any other option which would be not allowed with trunk or access. Trunk and access require that Port VLAN ID is matching always untagged VLAN, while with General you have no such a restriction. In practice this allows the port be a member of different VLAN for inbound traffic and different VLAN for outbound traffic if PVID does not match untagged VLAN ID.
Protected port concept however does not require vlan tag and does not allow trunk. It is purely limited to one unit and cannot be scaled accross many switches. Protected port cannot communicate with other protected port but can with other ports which have not thi option enable. You can imagine this as MAC ACL added to the port and not dot1q encapsulation.
Sx550X, Sx350X, Sx250: PSE will Supply Power to Catalyst PSE Ports
May 31, 2016
June 5, 2017
Configure Remote Network Monitoring (RMON) Events Control Settings on a Switch through the Command Line Interface (CLI)
Remote Network Monitoring (RMON) was developed by the Internet Engineering Task Force (IETF) to support...