?
Solved

Cisco 1811 VLANs

Posted on 2012-09-18
8
Medium Priority
?
1,339 Views
Last Modified: 2012-10-11
I have a Cisco 1811 and several Cisco 1960Gs within the same VTP Domain.  The Router has an integrated switch which the "core" switch is connected to.  This interface does not support sub-interfaces (I'm assuming because it is a switchport not a router interface).  These switchports do support trunk/native modes.  The router has two interfaces, one is used as the uplink/outside int for our ISPs modem.  These interfaces do support sub-interfaces.

I have the router inside switchport set to trunk, and vlans defined on the master switch with VTP in Server mode.  How should/can I go about added vlans to the router, and this have it be an IVR?

Any suggestions or links would be greatly appreciated.

Thanks,
Robert
0
Comment
Question by:Robert Davis
8 Comments
 
LVL 7

Expert Comment

by:unfragmented
ID: 38412507
If I've understood you correctly, you have an 1811 connected to a 2960G switch.

If you have VTP configured correctly, it means your vlan databases on the 1811 and 2960 should be synchronized.  Prove this by running 'show vlan' on both devices.

You have a vlan trunk configured between both devices.  That means that each vlan should extend across both devices.

To make the router 'route' between these vlans you need to create 'switch virtual interfaces' (SVI's).  Do this with the following commands for each vlan:-
int vlan 1
 ip address a.a.a.a b.b.b.b
int vlan 2
 ip address c.c.c.c d.d.d.d
int vlan 3
....etc

After that, the router should route between these vlans correctly.

Hopefully that makes sense!
0
 

Expert Comment

by:hoanhanh
ID: 38416220
Hi,

On Router 1811

ex:

conf t
int f0/0
no shu

//create sub interface

int f0/0.10
ip add 10.1.0.1 255.255.255.0
encapsulation dot1q 10


and

int f0/0.20
ip add 20.1.0.1 255.255.255.0
encapsulation dot1q 20


I hope it is useful for you !
0
 
LVL 1

Author Comment

by:Robert Davis
ID: 38416295
So F0/0 is currently out int tied to the out-side firewall zone and our ISP.  Should I be making sub ints on this int, or should I bring up and sub int the unused F0/1?

Thanks,
Robert
0
Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

 
LVL 4

Assisted Solution

by:rbadua
rbadua earned 2000 total points
ID: 38417221
int f0/0
description ISP"
ip add x.x.x.x x.x.x.x
no shut

int f0/1
description Internal Network
encapsulation dot1q
no shut

int f0/1.10
encapsulation dot1q 10
ip add x.x.x.x x.x.x.x
no shut

int f0/1.20
encapsulation dot1q 20
ip add x.x.x.x x.x.x.x

vlan 10
 name vlan10
vlan 20
 name vlan 20

ip route 0.0.0.0 0.0.0.0 fa0/0

At this point the a port on the 2960 should be configured as a dot1q trunk port.  At the same time the 2960 should be in the same vtp domain/password and set as client.  The vlan command above creates the vlans to propogated to the 2960 (assuming the router is configured as VTP server).  

As for the switchports on the router, you can use them as addition ports by placing them as "switchport access vlan xx"

Hope this helps.
0
 
LVL 1

Author Comment

by:Robert Davis
ID: 38418735
rbadua, that helps a lot!  Just to confirm: So you're saying connect the uplink of the 2960 to F0/1, instead of the integrated switchport F0/2?  And then subint that?
0
 
LVL 4

Accepted Solution

by:
rbadua earned 2000 total points
ID: 38419177
Yep.....dont need to sub interface the 2960.  Just configure a single port as a trunk.  then assign individual ports to the vlan that you want it to be in.
0
 
LVL 1

Assisted Solution

by:Robert Davis
Robert Davis earned 0 total points
ID: 38470637
rbadua I think you misunderstood my last question so I wish to clarrify for others:

What I meant was I should not be using the 1811 Integrated switchport Fa2-8 for my inside link because I cannot subint them, instead I should move from the 1811 integrated switch port Fa2 (the 2960 is unrelated and external to this) to Fa1.

I did this, and it worked! Thank you!!

Regards,
Robert
0
 
LVL 1

Author Closing Comment

by:Robert Davis
ID: 38485218
Solution was in the config, I needed to be using the router port, not the integrated switch port.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
Unable to change the program that handles the scan event from a network attached Canon/Brother printer/scanner. This means you'll always have to choose which program handles this action, e.g. ControlCenter4 (in the case of a Brother).
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question