Cisco SGE 2000 Switch VLAN Configurations

Posted on 2014-08-17
Last Modified: 2014-08-18

I currently have a Cisco SGE 2000 Switch.  The switch has been reset to factory default.  All ports were on VLAN 1 but I created a new VLAN 5 and put all ports on VLAN 5 instead.  All the ports are set as Untagged Access ports under VLAN 5.  I configured the new IP, Subnet, and Gateway of the Switch to point to the SonicWALL TZ215 Firewall which connects to the Modem for internet.  The SonicWALL has already been configured correctly using Port 4 to connect the Switch with DHCP, etc…

I then plugged an Ethernet cable into Port 1 of the Switch which connects to the SonicWALL on Port 4.  I then plugged a spare laptop into Port 2 of the Switch to see if I could get internet.  Everything worked correctly for getting an IP automatically from the SonicWALL.

I decided to then create a new VLAN 10 and dedicate Ports 13-23 on the Switch to be part of VLAN 10 instead of VLAN 5.  So as of right now Ports 1-11 on the Switch are part of VLAN 5 and Ports 13-23 are part of VLAN 10.  Also remember that Port 1 on VLAN 5 connects to the SonicWALL which goes out to the internet.

If I try to connect to Ports 2-11 with the spare laptop, it gains access to the internet.  When I try to connect to Ports 13-23 it doesn’t get access to the internet.

How am I able to connect to Ports 13-23 and be able to gain access to the internet just like Ports 2-11?
I’m using the GUI Interface for configuring everything on here for the Switch as I find it easier.  If someone could please assist me with what needs to be done through the GUI if possible that would be great.

Question by: Lumious
    LVL 3

    Expert Comment

    by:Soufiane Adil, Ph.D
    Can you issue the SHOW RUN command and copy/paste the config?
    LVL 8

    Expert Comment

    Try taking out port authentication on one of the ports and then try it.
    LVL 11

    Expert Comment

    by:Bryant Schaper
    I cannot comment on the GUI side easily, but if I am understanding, you now have two VLANs, and the router (SonicWALL) is on port 4 (I know you said 1 as well, but it does not matter).  Since 1-11 are access ports on VLAN, and 13-23 are access ports on VLAN 10, they cannot talk to each other without a router.

    The SonicWALL will either need to be set up to trunk VLAN 5 and 10, along with switchport 1 trunking 5 and 10 as well:

    switchport trunk allowed vlan all
    switchport mode trunk

    Another option is to use another port off the SonicWALL and assign it an IP on VLAN 10 and connect to an access port on VLAN 10 as well.

    Author Comment


    The following is a summary of the Cisco Switch Configs.  Nothing special has been done besides the following:

    VLAN 5:
    Ports 1-11
    Port 1 of Switch connected to Port 4 of SonicWALL
    Port 3 of Switch connected to Testing Laptop (Internet Success)

    VLAN 10:
    Ports 13-23
    No Internet Access on any ports

    Below you will find my Config for my HP Procurve that I have in my testing environment.  As you can see, the internet vlan is VLAN 5 with an untagged port 1.  In the rest of the VLANs you see that port 1 is tagged, gaining the other vlans access to VLAN 5.  

    I was trying to accomplish something like this on my Cisco Switch but am a little confused since the terminology is a little different.

    Please let me know of any suggestions.


    ; J9279A Configuration Editor; Created on release #Y.11.44

    hostname "ProCurve 2510G-24 - A"
    ip default-gateway
    snmp-server community "public" Unrestricted
    vlan 1
       name "DEFAULT_VLAN"
       no ip address
       no untagged 1-24
    vlan 5
       name "Internet"
       untagged 1
       ip address
    vlan 103
       name "iSCSi-103"
       untagged 20-24
       no ip address
       tagged 1,14-19
    vlan 102
       name "vMotion-102"
       no ip address
       tagged 1,8-13
    vlan 104
       name "VM-MGMT-104"
       no ip address
       tagged 1-7
    spanning-tree force-version RSTP-operation


    - I'm probably going to have to go with what you suggested but am a little confused on how to go about it as I'm not that efficient in the command line.  As you can see from the example above from my HP Procurve, it's already set up correctly on the SonicWALL accepting all the VLANs and what not.  So I guess what I'm now asking, is how can I get this Cisco Switch to be identical to my HP ProCurve Switch?
    LVL 11

    Accepted Solution

    What is the model of the SonicWALL? I'm not familiar with their interface, but I can take a look, then give you a sample config for the SG.

    This is what I have when connecting to a Cisco router:


    interface GigabitEthernet1/0/1
     switchport mode access
     switchport access vlan 5
     spanning-tree portfast

    interface GigabitEthernet1/0/24
     description Uplink to Router
     switchport mode trunk
     switchport trunk allowed vlan all

    But the firewall side is a bit more work. If it was a router, I would just use the following:

    interface GigabitEthernet0/0
     no ip address
     duplex auto
     speed auto
    interface GigabitEthernet0/0.5
     encapsulation dot1Q 5 native
     ip address
    interface GigabitEthernet0/0.10
     encapsulation dot1Q 10
     ip address

    Then if VLAN 5 needs to access machines on VLAN 10 or vice versa, it would just be an ACL.

    For the switch, if you wanted to use two Ethernet ports from the SonicWALL to the SG, the above switch config is the same; just ignore the trunk command and make access ports, and a cable from each VLAN will connect to the SonicWALL.  The SonicWALL will then have rules to allow access as it will treat each port as a unique network (again depending on model).  The last one I used was the TZ180, I think, and it was a WAN port and small switch.
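
An added example (not part of the thread and not any poster's code): the author's ProCurve `tagged`/`untagged` stanzas translated into the IOS-style `switchport` lines used in the accepted answer, with an explicit allowed-VLAN list on each trunk instead of `all` so the uplink carries only the VLANs configured for it. The function names are illustrative, and the SGE 2000's own CLI and GUI labels are assumed to differ from this syntax.

```python
import re

# VLAN stanzas from the author's ProCurve config above (names and IPs omitted).
PROCURVE = """\
vlan 1
   no untagged 1-24
vlan 5
   untagged 1
vlan 103
   untagged 20-24
   tagged 1,14-19
vlan 102
   tagged 1,8-13
vlan 104
   tagged 1-7
"""

def expand(spec):
    """Yield each port in a ProCurve port list such as '1,14-19'."""
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        yield from range(int(lo), int(hi or lo) + 1)

def parse(cfg):
    """Return {port: {vid: 'tagged' | 'untagged'}}; 'no ...' lines are skipped."""
    ports, vid = {}, None
    for line in map(str.strip, cfg.splitlines()):
        if m := re.match(r"vlan (\d+)$", line):
            vid = int(m.group(1))
        elif m := re.match(r"(untagged|tagged) ([\d,-]+)$", line):
            for p in expand(m.group(2)):
                ports.setdefault(p, {})[vid] = m.group(1)
    return ports

def to_switchport(vlans):
    """Render one port's VLAN map as IOS-style lines (assumed target syntax)."""
    native = next((v for v, mode in vlans.items() if mode == "untagged"), None)
    if len(vlans) == 1 and native is not None:
        return ["switchport mode access", f"switchport access vlan {native}"]
    lines = ["switchport mode trunk",
             "switchport trunk allowed vlan " + ",".join(map(str, sorted(vlans)))]
    if native is not None:
        lines.append(f"switchport trunk native vlan {native}")
    return lines

if __name__ == "__main__":
    for port, vlans in sorted(parse(PROCURVE).items()):
        print(f"port {port}:", "; ".join(to_switchport(vlans)))
```

Ports that are only tagged members get no native VLAN line here, so their untagged frames fall to whatever the target switch uses as its default native VLAN.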
