Solved

Accessing 2960G cisco switch via VLAN trunk

Posted on 2009-05-19
8
664 Views
Last Modified: 2012-05-07
hi,

I have limited exposure to cisco switching, but have a rough understanding of what is happening,
I recently installed a 2960G cisco switch in to our new office space.  We created a trunk back to our core swtich that carries all the VLAN's used.
I configured all switches to either VLAN 201 or VLAN 120.  The problem is, I need to configure the IP address of the switch to be on VLAN 120 in order to connect to switch from my workstation. (as soon as trunk was installed, lost access).
I change the IP address to be on VLAN 120 but still can't access. I think I need to tell the switch to use VLAN 120 for management.
Note, the VLANS are no present on the swtich, it is getting VLAN information from core.

Can someone help me please?
0
Comment
Question by:Steven Wells
  • 4
  • 3
8 Comments
 
LVL 4

Expert Comment

by:CCI_IT
ID: 24427797
the VLANs have to be present ont he switch. They dont "get it on the core". That means that ports have to be assigned to both VLANs.  Now, if you want the management int to be on vlan 120 then...
 
config t
int vlan 120
ip address x.x.x.x  x.x.x.x(mask)
no shut
 
That's all that is needed.
0
 
LVL 13

Expert Comment

by:Quori
ID: 24427903
The VLANs don't need to be present on the switch, if the entire switch is to be used on only the one VLAN. The uplink ports from the core to the switch in question need to be configured as access ports instead of trunk ports, putting the entire switch on the configured VLAN on the core side.

Any hosts or end-devices on the new switch need to have a gateway address of the VLAN interface of the core (assuming the core is doing your inter-vlan routing). You can provide an IP address on the VLAN1 of the new switch which will be accessible via whatever VLAN is configured on the core (VLAN1 packets don't get a VLANID filled out in the header, so that will be added into the header by the core).
0
 
LVL 12

Author Comment

by:Steven Wells
ID: 24428001
Hi Quori,

We are using Port-Chanel link aggregation from a 3COM core to our cisco distribution switch. All ports on the cisco port are set as access ports, the ports connected to the 3com are configured as trunk ports.

this is part of the config used to create the port channel on the 2960

interface Port-Channel1
  description trunk to core switch
  switchport trunk allowed vlan 2-4094
  switchport mode trunk
!
interface GigabitEthernet0/47
  description trunk to core switch
  switchport trunk allowed vlan 2-4094
  switchport mode trunk
  channel-group 1 mode on

!
interface GigabitEthernet0/48
  description trunk to core switch
  switchport trunk allowed vlan 2-4094
  switchport mode trunk
  channel-group 1 mode on

then each port is tag as members of various VLANS.
as switch mode access.

I think because the switch as a native management vlan of 1. this isn't being passed?

Access on all the VLAN's is working correctly.
Yes the core switch is doing VLAN routing, not my new cisco switch.

Any ideas?
0
 
LVL 12

Author Comment

by:Steven Wells
ID: 24428007
Just re-read this part
"You can provide an IP address on the VLAN1 of the new switch which will be accessible via whatever VLAN is configured on the core (VLAN1 packets don't get a VLANID filled out in the header, so that will be added into the header by the core)."

I suspect it's missing a defautl gateway then?

0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 13

Expert Comment

by:Quori
ID: 24428025
If you want to use the above config, then yes the VLANs need to be created on the switch. If you only want one VLAN available to the 2900 then change it to switchport mode access then switchport access vlan <ID>
0
 
LVL 12

Author Comment

by:Steven Wells
ID: 24428048
I have found another config on a similar switch that I will try.

this has the config of

interface VLAN1
 no ip address
 no ip route-cache
ip default-gateway 10.60.x.x

this swtich is also setup for trunking. I will try what I have and see how I go.
0
 
LVL 13

Expert Comment

by:Quori
ID: 24428060
That is going to set the default gateway of the switch, which won't be used unless that switch is doing the routing, which it is not. You need to set the default gateway of the client.
0
 
LVL 13

Accepted Solution

by:
Quori earned 500 total points
ID: 24428066
Also, as we've been saying, when running a trunk to another switch any VLANs you want to access on it need to be added to it. Your only option to avoid this is to configure an access port to the switch.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

The worst thing when starting a new job is when the previous Network Administrator left behind no documentation. How do you get into the devices? If you've been in this situation or just accidently mistyped your password, this article will hopefully…
I see many questions here on Experts Exchange regarding switch port configurations and trunks. This article is meant for beginners in the subject to help to get basic knowledge about Virtual Local Area Network (VLAN (http://en.wikipedia.org/wiki/Vir…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now