Formatech
asked on
VLAN issue
Hello all,
I currently have a Linksys SRW2048 switch in our core, with 8 ports designated as VLAN 200. I have a fiber uplink to a cisco 2950. I am trying to get one of the ports on the 2950 onto VLAN 200. I have configured the linksys switch to trunk, as well as the cisco switch to trunk. here is the config from the cisco switch:
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname IDF-Cisco2950-1
!
no logging console
enable secret 5 $1$Zq1D$kRoAfE30zaWhP0hD0p
!
ip subnet-zero
!
no ip domain-lookup
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1 - 23
switchport mode access
no ip address
!
interface FastEthernet0/24
switchport access vlan 200
switchport mode access
no ip address
!
interface GigabitEthernet0/1
description Uplink to MDF-LINKSYS2048-1
switchport mode trunk
no ip address
!
interface GigabitEthernet0/2
no ip address
!
interface Vlan1
ip address 192.168.10.17 255.255.255.0
no ip route-cache
!
interface Vlan200
ip address 172.16.254.31 255.255.255.0
no ip route-cache
shutdown
!
ip default-gateway 192.168.10.1
ip http server
As you can see in the config, int VLAN200 is shutdown. When I no shut that interface, I lose all connectivity. This VLAN 200 is just our DMZ. And at the linksys switch, all VLAN 200 ports work as the DMZ, no issues there. But when trying to spread the VLAN200 to another switch, it doesn't work.
Am I missing somthing in the 2950 config? The linksys switch only give you the abillity to change the port from access to trunk, no finite options.
Hopefully I have shed enough light on the existing config, and someone will probably have the answer right off
THANK YOU!!
I currently have a Linksys SRW2048 switch in our core, with 8 ports designated as VLAN 200. I have a fiber uplink to a cisco 2950. I am trying to get one of the ports on the 2950 onto VLAN 200. I have configured the linksys switch to trunk, as well as the cisco switch to trunk. here is the config from the cisco switch:
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname IDF-Cisco2950-1
!
no logging console
enable secret 5 $1$Zq1D$kRoAfE30zaWhP0hD0p
!
ip subnet-zero
!
no ip domain-lookup
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
interface FastEthernet0/1 - 23
switchport mode access
no ip address
!
interface FastEthernet0/24
switchport access vlan 200
switchport mode access
no ip address
!
interface GigabitEthernet0/1
description Uplink to MDF-LINKSYS2048-1
switchport mode trunk
no ip address
!
interface GigabitEthernet0/2
no ip address
!
interface Vlan1
ip address 192.168.10.17 255.255.255.0
no ip route-cache
!
interface Vlan200
ip address 172.16.254.31 255.255.255.0
no ip route-cache
shutdown
!
ip default-gateway 192.168.10.1
ip http server
As you can see in the config, int VLAN200 is shutdown. When I no shut that interface, I lose all connectivity. This VLAN 200 is just our DMZ. And at the linksys switch, all VLAN 200 ports work as the DMZ, no issues there. But when trying to spread the VLAN200 to another switch, it doesn't work.
Am I missing somthing in the 2950 config? The linksys switch only give you the abillity to change the port from access to trunk, no finite options.
Hopefully I have shed enough light on the existing config, and someone will probably have the answer right off
THANK YOU!!
ASKER
So, if I cannot make one port VLAN200(dmz) and the rest of the ports to the other?
ASKER
Also, there is the output from show interface trunk
IDF-Cisco2950-1#sh int trunk
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1-4094
Port Vlans allowed and active in management domain
Gi0/1 1,200
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1,200
IDF-Cisco2950-1#sh int trunk
Port Mode Encapsulation Status Native vlan
Gi0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gi0/1 1-4094
Port Vlans allowed and active in management domain
Gi0/1 1,200
Port Vlans in spanning tree forwarding state and not pruned
Gi0/1 1,200
ASKER
Or could I shutdown VLAN1 and no shut VLAN200, and ports 1-23 will be on the network, and port 24 would be on the DMZ network
A VLAN is a network is a broadcast domain. By it's nature, a router is required if you want to move packets from one VLAN to another.
From what I understand of your question, you have two switches. If you have two VLANs on each switch and you want them to be able to communicate with their counterpart VLAN on the other switch, you will need a trunk to carry both VLAN's. This will NOT allow the VLAN's to talk to each other.
Whatever device you have plugged in to port 24 should be able to talk to a device connected to the Linksys VLAN200.
From what I understand of your question, you have two switches. If you have two VLANs on each switch and you want them to be able to communicate with their counterpart VLAN on the other switch, you will need a trunk to carry both VLAN's. This will NOT allow the VLAN's to talk to each other.
Whatever device you have plugged in to port 24 should be able to talk to a device connected to the Linksys VLAN200.
ASKER
Yes, I understand what a VLAN is. No I am not trying to route between the 2 vlans. I am just trying to get the DMZ down to the other end of the building, via VLAN200 and port 24 on the 2950. When I no shut the VLAN200, the switch loses all connectivity. I understand the 2950 is only a layer 2 switch, and will not support multiple vlans. My question now is: Can this 2950 have one port segregated to the DMZ, and the rest still be on the internal vlan?
Thank you
Thank you
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Verify that the trunk is functioning by using the "show interface trunk" on the 2950.
Also, only one of the port on the 2950 is in VLAN 200 (fa0/24). That is the only device that will be able to communicate with the VLAN200 devices on the Linksys.