?
Solved

Cisco 2950 Switchport Settings for Multiple VLANs on single NIC

Posted on 2008-11-06
10
Medium Priority
?
2,962 Views
Last Modified: 2012-05-05
Hello,

I have multiple VLANs available on my network and I have a user that wants to be able to switch between VLANs (i.e. VLAN1 and VLAN3) on his PC.  He has the correct drivers/software that will allow him to add VLANs to his NIC but I want to set his port correctly so that he is able to move between VLANs when he needs to do so...

Setup is Cisco 2950 IOS 12.2 running VLAN 802.1q, PC setup is Windows XP pro with Intel PRO 100+ NIC.

Any things for me to consider on how to make sure he is set up properly to allow my user to do this?
Thanks in advance to those who reply.
0
Comment
Question by:jamartinez93
  • 4
  • 3
  • 2
  • +1
10 Comments
 
LVL 21

Expert Comment

by:from_exp
ID: 22902228
hi!
ports configuration should look like:
int fa0/1
description link_to_special_vlanned_user
switchport mode trunk
switchport trunk allowed vlans 10,20
end
0
 

Author Comment

by:jamartinez93
ID: 22905783
That seems to almost work...the problem is VLAN1 is my default network.  VLAN3 is a different network.  If I assign VLAN3 a valid IP address it works wonderfully.  However my default VLAN (VLAN1) never obtains a valid DHCP address (I have working DHCP servers on that net).  Why wouldn't I be able to transmit traffic across that default VLAN? Thoughts..thanks again in advance.
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22907161
can you post here config of your 2950, please.
I think you have missed something
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:jamartinez93
ID: 22907750
Sure..I will edit out the IP address for it and passwords for security reasons...Thanks again in advance.

****
Building configuration...

Current configuration : 4514 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime
service password-encryption
service sequence-numbers
!
hostname facilities-offices
!
enable secret 5 *****
!
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
ip dhcp-server 192.xx.xx.xx
!
!
spanning-tree mode rapid-pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/2
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/3
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/4
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/5
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/6
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/7
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/8
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/9
 description JM PC
 switchport trunk allowed vlan 1,3
 switchport mode trunk
 storm-control broadcast level 90.00 80.00
 spanning-tree bpduguard enable
!
interface FastEthernet0/10
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/11
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!        
interface FastEthernet0/12
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/13
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/14
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/15
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/16
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/17
 description JM Apple
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/18
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/19
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/20
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/21
 switchport access vlan 3
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/22
 switchport access vlan 3
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/23
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/24
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/1
 switchport trunk allowed vlan 1,3
 switchport trunk pruning vlan 3
 switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.xx.xx.xx 255.255.255.0
 no ip route-cache
!
ip http server
!
line con 0
 stopbits 1
line vty 0 4
 password 7 ****
 login
line vty 5 15
 password 7 ****
 login
!
!
end
0
 
LVL 21

Expert Comment

by:from_exp
ID: 22907898
hi!

If you say, that your dhcp server is connected to the port with default vlan1, then clients should be able to get IPs from DHCP. Are you sure, that dhcp server is working properly?
If your DHCP server is located on the different vlan, then you have to configure dhcp snooping (feature that allows switch to pass dhcp requests from one vlan to the dhcp server, located in a different vlan)

here is a link to dhcp snooping configuration for 2950
http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/configuration/guide/swdhcp82.html
0
 

Author Comment

by:jamartinez93
ID: 22908051
Thanks.  Yes, the DHCP is working great. Even if I give that NIC a static IP it doesn't pass traffic.  Can't ping anything on the default VLAN.  Strange...could it be the INTEL NIC PRO100+???  When I add VLAN1 and VLAN3 to the card then the NIC creates two new virtual NICs (VLAN1 & VLAN3).  VLAN3 works just fine if I give it a static IP address for that VLANs IP range.  VLAN1 however which is my default VLAN does not...with a static or obtaining an IP via DHCP.  Strange...??? No worries if you're exhausted with this one.  Thanks again...you've been extremely helpful.
0
 
LVL 8

Expert Comment

by:MrJemson
ID: 22910043
Sounds like a tagging issue to me.
Either the NIC is tagging Vlan 1, and the switch is not, or visa versa. My guess would be the latter. That is, the switch is tagging Vlan 1 on that port and the NIC is not.
0
 

Author Comment

by:jamartinez93
ID: 22911081
I was thinking it was the NIC too...there is an option to set the VLAN1 to untagged...thoughts?
0
 
LVL 3

Expert Comment

by:Caoilte
ID: 22911609
Can you anonymise and post a "sh vlan" from the switch ?
0
 
LVL 8

Accepted Solution

by:
MrJemson earned 500 total points
ID: 22918006
Try adding:
switchport trunk native vlan 1

This means that any untagged data on that port will be classed as Vlan 1.
If you strip the vlan tag on the NIC, you should be able to access Vlan 1.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I eventually solved a perplexing problem setting up telnet for a new switch.  I installed a new Cisco WS-03560X-24P switch connected to an existing Cisco 4506 running a WS-X4013-10GE Sup II-Plus. After configuring vlans and trunking,  I could no…
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question