Cisco 2950 Switchport Settings for Multiple VLANs on single NIC

Hello,

I have multiple VLANs available on my network and I have a user that wants to be able to switch between VLANs (i.e. VLAN1 and VLAN3) on his PC.  He has the correct drivers/software that will allow him to add VLANs to his NIC but I want to set his port correctly so that he is able to move between VLANs when he needs to do so...

Setup is Cisco 2950 IOS 12.2 running VLAN 802.1q, PC setup is Windows XP pro with Intel PRO 100+ NIC.

Any things for me to consider on how to make sure he is set up properly to allow my user to do this?
Thanks in advance to those who reply.
jamartinez93Asked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

from_expCommented:
hi!
ports configuration should look like:
int fa0/1
description link_to_special_vlanned_user
switchport mode trunk
switchport trunk allowed vlans 10,20
end
0
jamartinez93Author Commented:
That seems to almost work...the problem is VLAN1 is my default network.  VLAN3 is a different network.  If I assign VLAN3 a valid IP address it works wonderfully.  However my default VLAN (VLAN1) never obtains a valid DHCP address (I have working DHCP servers on that net).  Why wouldn't I be able to transmit traffic across that default VLAN? Thoughts..thanks again in advance.
0
from_expCommented:
can you post here config of your 2950, please.
I think you have missed something
0
PMI ACP® Project Management

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

jamartinez93Author Commented:
Sure..I will edit out the IP address for it and passwords for security reasons...Thanks again in advance.

****
Building configuration...

Current configuration : 4514 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log datetime
service password-encryption
service sequence-numbers
!
hostname facilities-offices
!
enable secret 5 *****
!
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
ip dhcp-server 192.xx.xx.xx
!
!
spanning-tree mode rapid-pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/2
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/3
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/4
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/5
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/6
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/7
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/8
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/9
 description JM PC
 switchport trunk allowed vlan 1,3
 switchport mode trunk
 storm-control broadcast level 90.00 80.00
 spanning-tree bpduguard enable
!
interface FastEthernet0/10
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/11
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!        
interface FastEthernet0/12
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/13
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/14
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/15
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/16
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/17
 description JM Apple
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/18
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/19
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/20
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/21
 switchport access vlan 3
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/22
 switchport access vlan 3
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/23
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/24
 switchport mode access
 storm-control broadcast level 90.00 80.00
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/1
 switchport trunk allowed vlan 1,3
 switchport trunk pruning vlan 3
 switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.xx.xx.xx 255.255.255.0
 no ip route-cache
!
ip http server
!
line con 0
 stopbits 1
line vty 0 4
 password 7 ****
 login
line vty 5 15
 password 7 ****
 login
!
!
end
0
from_expCommented:
hi!

If you say, that your dhcp server is connected to the port with default vlan1, then clients should be able to get IPs from DHCP. Are you sure, that dhcp server is working properly?
If your DHCP server is located on the different vlan, then you have to configure dhcp snooping (feature that allows switch to pass dhcp requests from one vlan to the dhcp server, located in a different vlan)

here is a link to dhcp snooping configuration for 2950
http://www.cisco.com/en/US/docs/switches/lan/catalyst2950/software/release/12.1_19_ea1/configuration/guide/swdhcp82.html
0
jamartinez93Author Commented:
Thanks.  Yes, the DHCP is working great. Even if I give that NIC a static IP it doesn't pass traffic.  Can't ping anything on the default VLAN.  Strange...could it be the INTEL NIC PRO100+???  When I add VLAN1 and VLAN3 to the card then the NIC creates two new virtual NICs (VLAN1 & VLAN3).  VLAN3 works just fine if I give it a static IP address for that VLANs IP range.  VLAN1 however which is my default VLAN does not...with a static or obtaining an IP via DHCP.  Strange...??? No worries if you're exhausted with this one.  Thanks again...you've been extremely helpful.
0
MrJemsonCommented:
Sounds like a tagging issue to me.
Either the NIC is tagging Vlan 1, and the switch is not, or visa versa. My guess would be the latter. That is, the switch is tagging Vlan 1 on that port and the NIC is not.
0
jamartinez93Author Commented:
I was thinking it was the NIC too...there is an option to set the VLAN1 to untagged...thoughts?
0
CaoilteCommented:
Can you anonymise and post a "sh vlan" from the switch ?
0
MrJemsonCommented:
Try adding:
switchport trunk native vlan 1

This means that any untagged data on that port will be classed as Vlan 1.
If you strip the vlan tag on the NIC, you should be able to access Vlan 1.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.