Solved

setting up tagged VLAN on Foundry Fastiron Superx switches

Posted on 2011-09-15
7
2,095 Views
Last Modified: 2012-05-12
I am trying to setup a 2nd VLAN on my network using all ports on the switch. From what I understand I need to create the VLAN (VLAN 3) and add ports to it then tag them and then they can be a member of both VLAN's. When I remove a port from the default VLAN and add it to VLAN3 i can then tag it but not add it back to VLAN1 which is what i thought tagging a port allowed. Am I doing something wrong or missing something. i am using the web interface as i don't know the commands as well as I would like.

My goal is to create 2 VLANs so i can add wireless AP's with SSID's on the 2nd VLAN using a different subnet for mobile devices to access the internt without using up all my current IP addresses.

Switches are Foundry FastIron SuperX running software version 03.0.01cT3e1
0
Comment
Question by:westwoodIT
  • 4
  • 3
7 Comments
 
LVL 17

Accepted Solution

by:
Garry-G earned 500 total points
ID: 36547812
Hi,

not really sure about the web interface, as all we use is the shell ;)
I assume your current setup looks something like this:

vlan 1 name default by port
untagged ethe0/1/1 to eth0/1/24

Open in new window


To add the second VLAN, you most probably did something like this: (well, at least through the web interface)

vlan 3 name NEWVLAN by port
tagged eth0/1/10 ethe0/1/15 to eth01/20

Open in new window


In order to get the port to run both tagged and untagged, adding the appropriate option to it is required:

interface ethernet 0/1/10
dual-mode 1

Open in new window


This should do it ...
0
 
LVL 2

Author Comment

by:westwoodIT
ID: 36550908
Thanks for the response. I am working in the shell and after deleting the VLAN 3 and recreating it using the shell and then adding port 5/4 and 5/18 to VLAN 3. then I went in and ran the command
dual-mode 1
i get an error that says "not a member of vlan 1"
It removes the port from the default vlan when i add it to the new VLAN.
I have attached a screenshot of the shell commands i executed.
 screen shot of shell comands as desribed
0
 
LVL 17

Expert Comment

by:Garry-G
ID: 36550997
What happens if you reverse the sequence? i.e., have the port in vlan 1, set it to dual mode, then add it to vlan 3?
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 2

Author Comment

by:westwoodIT
ID: 36551132
I tried that. As soon as you remove port 5/4 from VLAN 3 it is no longer tagged and i get error
"cannot set untagged port 5/4 to dual mode"
I tried adding ethe 5/4 to VLAN 1 as untagged and then i was going to try the dual-mode command  but the tagged/untagged commands dont exsist in the default VLAN.

I assume all the ports need to be in the default VLAN.

i created 2 VLANs and added ethe 5/4 and 5/18 to both as tagged ports. but of course now they are not in the default VLAN. what are the impicatioons of those ports not being in the default VLAN.

Again thanks for your time.
0
 
LVL 2

Author Comment

by:westwoodIT
ID: 36551251
I figured it out.

if i followed your advise and configured dual-mode on the port it worked if i didnt add the 1 at the end
dual-mode 1
port not in vlan 1

So i did it this way
dual-mode
and it then let me add the port to both VLAN's
0
 
LVL 17

Expert Comment

by:Garry-G
ID: 36551394
OK, might be slight differences in the OS/Switch versions ... (I think we have 3.1 on ours)
Glad it's working ...
0
 
LVL 2

Author Closing Comment

by:westwoodIT
ID: 36551683
due to different versions of switches there was a slight difference in the command but he sent me down the path to the solution.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now