Solved

Cisco Cat 2950 VLAN

Posted on 2006-11-02
18
3,424 Views
Last Modified: 2010-08-05
Ive got a spare 2950 24 Port Switrch

Question

I want to set it up with 3VLANS 172.16.1.0/24 (Ports 1-8) 172.17.1.0/24 (Ports 8-16) and 172.18.1.0/24 (Ports 16-24)
I want the swich to have 172.16.1.1, 172.17.1.1 and 172.18.1.1 in each VLAN
I want the switch to be able to ROUTE between the lot

So I can plug in a test machine(s) into ports 1-8 (VLAN1) and give it a default gateway of 172.16.1.1 and the switch will route to the other two subnets. and vice versa

I kinda think this is possible but - its been a looong time since I worked on a cat so..............

How do I do it - what are the commands?
0
Comment
Question by:Pete Long
  • 7
  • 5
  • 4
  • +1
18 Comments
 
LVL 1

Expert Comment

by:TheFated
ID: 17859357
what release of code is the 2950 running?  I was pretty sure that the 2950 could only handle a single IP but I can verify.
0
 
LVL 1

Expert Comment

by:TheFated
ID: 17859400
I apologize, I was mistaken; it can handle multiple IPs as long as virtual interfaces are created for each VLAN.
0
 
LVL 26

Accepted Solution

by:
jar3817 earned 168 total points
ID: 17859445
2950's support vlan tagging (802.1q, ISL) so each port can be in it's own vlan or any combination, but it is not a layer 3 switch, so it won't be able to route between the vlans. You need either a router or a another layer 3 switch to do the actual routing between the vlans.  
0
 
LVL 1

Assisted Solution

by:TheFated
TheFated earned 166 total points
ID: 17859456
First step would be to add the VLANs to the switches VLAN database (this is assuming 12.0 code).  We will call the VLANs 2, 3, 4 since VLAN1 is the native vlan.

# vlan database
(vlan)# vlan 2 name DMZ2
(vlan)# vlan 3 name DMZ3
(vlan)# vlan 4 name DMZ4
(vlan)# exit
# conf t
(config)# int vlan 2
(config)# ip address 172.16.1.1 255.255.255.0
(config)# int vlan 3
(config)# ip address 172.17.1.1 255.255.255.0
(config)# in vlan 4
(config)# ip address 172.18.1.1 255.255.255.0
(config)# int f0/1
(config)# switchport mode access
(config)# switchport access vlan 2
<do the above command for each port that you want to connect>

I'll run that real quick on mine and see if it works but it seems like it should (in my head).
0
 
LVL 57

Author Comment

by:Pete Long
ID: 17859498
Id sussed everything exept

 int f0/1


onwards

LOL

Checking...........................
0
 
LVL 57

Author Comment

by:Pete Long
ID: 17859506
BTW
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(6)EA2c, RELEASE SOFTWARE
0
 
LVL 1

Expert Comment

by:TheFated
ID: 17859571
looks like jar3817 is correct.  I don't have a 2950 to test with, but doing a quick lookup of the software matrix at Cisco it looks like the 2950 is only available with the standard image; i do not show an enterprise image listed which means no full layer3.

0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17859625
Layer 2 device, configure each port as you want, have a trunk port to a router and route through that. You know it :-)

Cheers,
Rajesh
0
 
LVL 57

Author Comment

by:Pete Long
ID: 17859675
Bah! OK so these will just sit in their Own VLAN and not be able to see each other then ?


Current configuration : 3711 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ConistonCat2950
!
enable secret 5 $gobbledegook
enable password password
!
username user privilege 15 password 0 password
ip subnet-zero
no ip finger
!
!
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface GigabitEthernet0/1
 duplex half
 spanning-tree portfast
!
interface GigabitEthernet0/2
 duplex half
 spanning-tree portfast
!
interface Vlan1
 ip address 10.1.0.240 255.255.255.0
 no ip route-cache
!
interface Vlan10
 ip address 172.16.1.1 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan11
 ip address 172.17.1.1 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan12
 ip address 172.18.1.1 255.255.255.0
 no ip route-cache
 shutdown
!
ip http server
!
line con 0
 exec-timeout 0 0
 transport input none
line vty 0 4
 password password
 login
line vty 5 15
 no login
!
end

0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 26

Expert Comment

by:jar3817
ID: 17859708
yup...unless you include a router in the mix
0
 
LVL 32

Assisted Solution

by:rsivanandan
rsivanandan earned 166 total points
ID: 17859732
That is correct, ports in the same vlan will talk and if you want 10 to talk to 11 or 12 you need a router.

They are only L2 switch (Also doesn't support ISL)

Cheers,
Rajesh
0
 
LVL 57

Author Comment

by:Pete Long
ID: 17859748
Ding Dong Cheers - that blew the cobwebs off my Cisco Switching LOL - Lets Split the points up..........................
0
 
LVL 57

Author Comment

by:Pete Long
ID: 17864931
To anyone still subscribed

If the 2950 Could route - what would be the command (if it were a 3550 for example)
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17865565
ip routing

If that is enabled, then with the int vlan x commands you will be able to route.

Cheers,
Rajesh
0
 
LVL 57

Author Comment

by:Pete Long
ID: 17865592
Cheers M8y - have quiet FRiday and a good weekend (Im stuck on the support Desk today Bah!)
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17866290
Ahh.. But you do enjoy doing that I guess :-)

Yeah and my day wasn't quite quiet though.

Cheers,
Rajesh
0
 
LVL 57

Author Comment

by:Pete Long
ID: 17869154
>>But you do enjoy doing that I guess

No Id rather go to the dentist M8 LOL
0
 
LVL 32

Expert Comment

by:rsivanandan
ID: 17871847
:-)

Cheers,
Rajesh
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Join & Write a Comment

Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now