Solved

Cisco Router 877 DHCP Scopes and Vlans

Posted on 2013-02-06
21
747 Views
Last Modified: 2013-02-08
Hello Experts,
I have configured 2 vlans  ( vlan 1 and vlan 2) on a cisco router and 2 DHCP scopes. I have connected the router to my core switch ( Cisco 6500).

Fasthernet 0 to Cisco Switcport 20. This switcport is in vlan 10
Fathernet 1 to Cisco Switchport 21. This switchport in vlan 20

I want the users in vlan 10 and vlan 20 to get the DHCP from the cisco router. This is not happening so.

My router config as follows

ip dhcp pool Vlan1
   network 192.168.8.0 255.255.252.0
   dns-server 8.8.8.8
   default-router 192.168.8.1
   lease 0 6
!
ip dhcp pool Vlan2
   network 192.168.20.0 255.255.252.0
   dns-server 4.2.2.2
   default-router 192.168.20.1
   lease 0 6

vlan 2
 name Guest1
!

interface FastEthernet0
!
interface FastEthernet1
!
interface FastEthernet2
 switchport access vlan 2
!
interface FastEthernet3
!
interface Vlan1
 ip address 192.168.8.2 255.255.252.0 secondary
ip nat inside
 ip virtual-reassembly
!
interface Vlan2
 ip address 192.168.20.1 255.255.252.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!

Switch Config

interface gi0/20
switchport access vlan 10

interface gi0/21
switchport access vlan 20

I connected a laptop directly to the router to specific interfaces and its working fine.


Please can someone help me to resolve this issue
0
Comment
Question by:cciedreamer
  • 10
  • 8
  • 2
  • +1
21 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38859341
It's really bad to change VLAN numbers like that. It's just... confusing.

It could be DTP. I can't remember if the 877's do DTP or not, but try this:

int f1
 switchport mode access
int f2
 switchport mode access
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 38859389
Hi,
Thank you for your fast response.
I have tried the above commands but no luck.

This is what I need
Any host connecting to ports belonging to vlan 10 ( on switch )get a dhcp lease from the dhcp pool

ip dhcp pool Vlan1
   network 192.168.8.0 255.255.252.0
   dns-server 8.8.8.8
   default-router 192.168.8.1
   lease 0 6

Any host connecting to ports belonging to vlan 20 ( on switch )get a dhcp lease from the dhcp pool

ip dhcp pool Vlan2
   network 192.168.20.0 255.255.252.0
   dns-server 4.2.2.2
   default-router 192.168.20.1
   lease 0 6

In this regard I created an additional vlan on cisco router ( vlan 2) and assgined the port fa1 to this vlan and this port is connecting my switch.( vlan 20)

Samir
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38859457
Please post the config of the router (using the "code" feature) and indicate which ports are connected to the 6500 and which ports are connected to the PC.
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 38859921
Here we go.

sh running-config
Building configuration...

Current configuration : 4302 bytes

version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 1234
!
no aaa new-model


dot11 syslog
ip source-route
ip dhcp excluded-address 192.168.8.1 192.168.8.2
ip dhcp excluded-address 192.168.20.1 192.168.20.10
!
ip dhcp pool Vlan1
   network 192.168.8.0 255.255.252.0
   dns-server 4.2.2.2
   default-router 192.168.8.1
   lease 0 6
!
ip dhcp pool Vlan2
   network 192.168.20.0 255.255.252.0
   dns-server 4.2.2.2
   default-router 192.168.20.1
   lease 0 6
!
vtp domain TEST  ( Created automatically, this is my switch vtp domain)
vtp mode transparent
!
!
vlan 2
 name Guest1
!
interface ATM0
 no ip address
 no atm ilmi-keepalive
 pvc 0/35
  pppoe-client dial-pool-number 1
 !
!
interface FastEthernet0
!
interface FastEthernet1
<<< Connected to Cisco Switch 6500 to Gi0/20. The port belongs to vlan 10>>>
!
interface FastEthernet2
 switchport access vlan 2
<<< Connected to Cisco Switch 6500 to Gi0/21. The port belongs to vlan 20>>>

!
interface FastEthernet3
 switchport access vlan 2
<<< Connected to PC>>
!
interface Vlan1
 ip address 192.168.8.2 255.255.252.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Vlan2
 ip address 192.168.20.1 255.255.252.0
 ip nat inside
 ip virtual-reassembly
 ip tcp adjust-mss 1452
!
interface Dialer1
 ip address negotiated
 ip mtu 1492
 ip nat outside
 ip virtual-reassembly
 encapsulation ppp
 dialer pool 1
 dialer-group 1
 ppp authentication pap chap callin
 ppp chap hostname XXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
 ppp chap password 7 XXXXXXXXXXXXXx
 ppp pap sent-username XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXxx
 no cdp enable
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
ip nat inside source list 100 interface Dialer1 overload
ip route 0.0.0.0 0.0.0.0 Dialer1
!
access-list 100 permit ip 192.168.20.0 0.0.3.255 any
access-list 100 permit ip 192.168.8.0 0.0.3.255 any
!
!
!
!
control-plane
!
!
line con 0
 no modem enable
line aux 0
line vty 0 4
 privilege level 15
 password 7 1234
 login local
!
scheduler max-task-time 5000
end
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38859952
Please post configs using the "code" feature.

Does the PC connected to port 3 get an IP address on the 192.168.20.0/22 network?
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 38859968
"Please post configs using the "code" feature." I didn't get. I posted description under router interface.

Yes, the pc gets an ip address.,if I connect fa1 belonging to vlan1 or fa2 belonging to vlan2. I get the address from both subnet.

Thanks
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38859976
So what's the problem?
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 38860009
If I connect a laptop to my core switch and configured to vlan 10 or 20 I am not getting the  DHCP IP address.
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 38860095
I just to know from my colleague, that it works for couple of hours and then stops leasing the address.

What's that ?
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38860134
If I connect a laptop to my core switch and configured to vlan 10 or 20 I am not getting the  DHCP IP address.
Then it's either a config issue on the core switch or the link between the core switch and the router.

Are you certain that the PC connected on the core switch is on a VLAN 10 or 20 interface?
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 
LVL 3

Author Comment

by:cciedreamer
ID: 38860236
Yes I am certainly sure

Hers is switch config

interface gi0/20
switchport
switchport access vlan 10

interface gi0/21
switchport
switchport access vlan 20
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38860454
post the output of a "show interface status" from the router and the switch.
0
 
LVL 17

Accepted Solution

by:
rochey2009 earned 500 total points
ID: 38860498
Hi,

The IP address on interface Vlan1 on the router is defined as a secondary. DHCP will only be served on a primary IP interface. Remove the secondary keyword.

interface Vlan1
 no ip address 192.168.8.2 255.255.252.0 secondary
 ip address 192.168.8.2 255.255.252.0
0
 
LVL 17

Expert Comment

by:rochey2009
ID: 38860524
As Don Johnston already suggested it may also be worth nailing the switchports for the router links to access mode.

switchport mode access

Router:
interface FastEthernet1
 switchport mode access

interface FastEthernet2
 switchport mode access
 switchport access vlan 2


Switch:

interface gi0/20
switchport
switchport mode access
switchport access vlan 10

interface gi0/21
switchport
switchport mode access
switchport access vlan 20
0
 
LVL 45

Expert Comment

by:Craig Beck
ID: 38861641
Ok, everyone be clear on the VLAN IDs first!  The VLAN IDs should match at each ends of the link, so if you connect Fa0 on the router to gi0/20 on the switch they should both say switchport access vlan 10, for example.  If anything it just makes it easier to read :-)

Also, have you actually created the VLANs on the 6500?  When you put a port in a particular VLAN on the 6500 it won't automatically create the VLAN ID (if memory serves).

Check by issuing the show vlan brief command on the 6500.  If you see the VLAN IDs in the list you're ok, otherwise try this:

conf t
 vlan 10
 vlan 20
 end


Obviously, make sure the VLAN IDs are the same as yours!
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 38864012
@ craigbeck. First of all let me clearly say that I have created vlans on 6500 ( vlan 10 and 20).  I configured the switchports on the respective vlans on 6500.
My router is limited to create only 2 vlans. There is already default vlan ( vlan 1) and I have created vlan 2. Even through it will not matter if I create the vlans with same vlan ID. As I noted , this setup is working for couple of hours. The router lease the IP addresses to specific vlans but then stop working. ( any suggestions on this point)

Samir
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38864029
As I noted , this setup is working for couple of hours. The router lease the IP addresses to specific vlans but then stop working.

What exactly "stops working"? DHCP? All traffic?
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 38864089
DHCP. It stops leasing the address.
0
 
LVL 3

Author Comment

by:cciedreamer
ID: 38865152
I just want clarify if am not something doing wrong with vlan configuration on router, What is the recommended way to create vlan on  router 877.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 38865522
Other than a ridiculous lease time of 6 minutes, the config looks like to me.

When it stops giving out addresses, what does the binding and pool look like? (show ip dhcp pool, show ip dhcp binding)
0
 
LVL 3

Author Closing Comment

by:cciedreamer
ID: 38867978
Thank you all for the help.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Suggested Solutions

New Server 172.16.200.2  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address 172.16.100.2. But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
Tired of waiting for your show or movie to load?  Are buffering issues a constant problem with your internet connection?  Check this article out to see if these simple adjustments are the solution for you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now