• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3506
  • Last Modified:

Cisco Cat 2950 VLAN

Ive got a spare 2950 24 Port Switrch

Question

I want to set it up with 3VLANS 172.16.1.0/24 (Ports 1-8) 172.17.1.0/24 (Ports 8-16) and 172.18.1.0/24 (Ports 16-24)
I want the swich to have 172.16.1.1, 172.17.1.1 and 172.18.1.1 in each VLAN
I want the switch to be able to ROUTE between the lot

So I can plug in a test machine(s) into ports 1-8 (VLAN1) and give it a default gateway of 172.16.1.1 and the switch will route to the other two subnets. and vice versa

I kinda think this is possible but - its been a looong time since I worked on a cat so..............

How do I do it - what are the commands?
0
Pete Long
Asked:
Pete Long
  • 7
  • 5
  • 4
  • +1
3 Solutions
 
TheFatedCommented:
what release of code is the 2950 running?  I was pretty sure that the 2950 could only handle a single IP but I can verify.
0
 
TheFatedCommented:
I apologize, I was mistaken; it can handle multiple IPs as long as virtual interfaces are created for each VLAN.
0
 
jar3817Commented:
2950's support vlan tagging (802.1q, ISL) so each port can be in it's own vlan or any combination, but it is not a layer 3 switch, so it won't be able to route between the vlans. You need either a router or a another layer 3 switch to do the actual routing between the vlans.  
0
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

 
TheFatedCommented:
First step would be to add the VLANs to the switches VLAN database (this is assuming 12.0 code).  We will call the VLANs 2, 3, 4 since VLAN1 is the native vlan.

# vlan database
(vlan)# vlan 2 name DMZ2
(vlan)# vlan 3 name DMZ3
(vlan)# vlan 4 name DMZ4
(vlan)# exit
# conf t
(config)# int vlan 2
(config)# ip address 172.16.1.1 255.255.255.0
(config)# int vlan 3
(config)# ip address 172.17.1.1 255.255.255.0
(config)# in vlan 4
(config)# ip address 172.18.1.1 255.255.255.0
(config)# int f0/1
(config)# switchport mode access
(config)# switchport access vlan 2
<do the above command for each port that you want to connect>

I'll run that real quick on mine and see if it works but it seems like it should (in my head).
0
 
Pete LongTechnical ConsultantAuthor Commented:
Id sussed everything exept

 int f0/1


onwards

LOL

Checking...........................
0
 
Pete LongTechnical ConsultantAuthor Commented:
BTW
Cisco Internetwork Operating System Software
IOS (tm) C2950 Software (C2950-I6Q4L2-M), Version 12.1(6)EA2c, RELEASE SOFTWARE
0
 
TheFatedCommented:
looks like jar3817 is correct.  I don't have a 2950 to test with, but doing a quick lookup of the software matrix at Cisco it looks like the 2950 is only available with the standard image; i do not show an enterprise image listed which means no full layer3.

0
 
rsivanandanCommented:
Layer 2 device, configure each port as you want, have a trunk port to a router and route through that. You know it :-)

Cheers,
Rajesh
0
 
Pete LongTechnical ConsultantAuthor Commented:
Bah! OK so these will just sit in their Own VLAN and not be able to see each other then ?


Current configuration : 3711 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname ConistonCat2950
!
enable secret 5 $gobbledegook
enable password password
!
username user privilege 15 password 0 password
ip subnet-zero
no ip finger
!
!
!
interface FastEthernet0/1
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/2
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/4
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/5
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/6
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/7
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/8
 switchport access vlan 10
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/9
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/10
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/11
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/12
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/13
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/14
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/15
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/16
 switchport access vlan 11
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/17
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/18
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/19
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/20
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/21
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/22
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/23
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface FastEthernet0/24
 switchport access vlan 12
 switchport mode access
 duplex half
 spanning-tree portfast
!
interface GigabitEthernet0/1
 duplex half
 spanning-tree portfast
!
interface GigabitEthernet0/2
 duplex half
 spanning-tree portfast
!
interface Vlan1
 ip address 10.1.0.240 255.255.255.0
 no ip route-cache
!
interface Vlan10
 ip address 172.16.1.1 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan11
 ip address 172.17.1.1 255.255.255.0
 no ip route-cache
 shutdown
!
interface Vlan12
 ip address 172.18.1.1 255.255.255.0
 no ip route-cache
 shutdown
!
ip http server
!
line con 0
 exec-timeout 0 0
 transport input none
line vty 0 4
 password password
 login
line vty 5 15
 no login
!
end

0
 
jar3817Commented:
yup...unless you include a router in the mix
0
 
rsivanandanCommented:
That is correct, ports in the same vlan will talk and if you want 10 to talk to 11 or 12 you need a router.

They are only L2 switch (Also doesn't support ISL)

Cheers,
Rajesh
0
 
Pete LongTechnical ConsultantAuthor Commented:
Ding Dong Cheers - that blew the cobwebs off my Cisco Switching LOL - Lets Split the points up..........................
0
 
Pete LongTechnical ConsultantAuthor Commented:
To anyone still subscribed

If the 2950 Could route - what would be the command (if it were a 3550 for example)
0
 
rsivanandanCommented:
ip routing

If that is enabled, then with the int vlan x commands you will be able to route.

Cheers,
Rajesh
0
 
Pete LongTechnical ConsultantAuthor Commented:
Cheers M8y - have quiet FRiday and a good weekend (Im stuck on the support Desk today Bah!)
0
 
rsivanandanCommented:
Ahh.. But you do enjoy doing that I guess :-)

Yeah and my day wasn't quite quiet though.

Cheers,
Rajesh
0
 
Pete LongTechnical ConsultantAuthor Commented:
>>But you do enjoy doing that I guess

No Id rather go to the dentist M8 LOL
0
 
rsivanandanCommented:
:-)

Cheers,
Rajesh
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 7
  • 5
  • 4
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now