Issue trunking vlan's from one sg200 switch to another.
I am still learning vlans. I have the concept down and was overjoyed when I thought I understood it enough to use it.
Using a single switch I can create 2 vlans (10&200), separate the traffic and everything is good. When I try to "trunk" those vlan's to another switch things break down. These are cisco Sg200 switches.
On switch 2 (SW2) we have port 2 going to a unifi access point. Switch 2 port 1 goes to switch 1 port 4. Switch 1 port 1 goes to router that provides dhcp & routing for the vlans. It looks like this;
[ap] eth1----eth2 [SW2] eth1-----eth4 [SW1] eth1---eth2 [router] eth1----[modem]
I think the issue may be tagging, but when it doesnt work using wireshark doesnt help.
The vlans exist on both switches. On SW2 ports 1&2 are trunk ports tagged 10&200. On SW1 ports 8 & 4 &1 are trunk ports tagged 10&200. If I move the AP to SW1 eth8, things works like they should. SSID 2 &3 use vlan 10&200 respectively. When i move the AP to SW2 eth2 it doesn't work.
I thought trunk ports carried the vlans from switch to switch. I thought the interfaces had to be tagged so the next switch would know what vlan to put them in. Apparently i have something wrong since it doesn't work properly.
Where have i gone wrong?
Using a single switch I can create 2 vlans (10&200), separate the traffic and everything is good. When I try to "trunk" those vlan's to another switch things break down. These are cisco Sg200 switches.
On switch 2 (SW2) we have port 2 going to a unifi access point. Switch 2 port 1 goes to switch 1 port 4. Switch 1 port 1 goes to router that provides dhcp & routing for the vlans. It looks like this;
[ap] eth1----eth2 [SW2] eth1-----eth4 [SW1] eth1---eth2 [router] eth1----[modem]
I think the issue may be tagging, but when it doesnt work using wireshark doesnt help.
The vlans exist on both switches. On SW2 ports 1&2 are trunk ports tagged 10&200. On SW1 ports 8 & 4 &1 are trunk ports tagged 10&200. If I move the AP to SW1 eth8, things works like they should. SSID 2 &3 use vlan 10&200 respectively. When i move the AP to SW2 eth2 it doesn't work.
I thought trunk ports carried the vlans from switch to switch. I thought the interfaces had to be tagged so the next switch would know what vlan to put them in. Apparently i have something wrong since it doesn't work properly.
Where have i gone wrong?
ASKER
How do I get configuration of switch to paste?
Looks like by default, all the ports are in trunk mode. I can switch to general or access, but they all say trunk.
Looks like by default, all the ports are in trunk mode. I can switch to general or access, but they all say trunk.
Usually you can in terminal window select code and copy with ctrl + C, after copying you can paste code to notepad or any other text editor.
ASKER
I have never use the terminal window. I use the web interface.
How do i access via terminal window and get the settings for you?
How do i access via terminal window and get the settings for you?
Forget about web interface if you are learning Cisco.
1. You need rollover cable (console cable) -connect it to console port
2. Terminal software (PuTTy, Tera Term, or some other)
3. Set config for terminal sotware:
in this case you need just two:
then you can copy paste your switch config (both switches)
:)
1. You need rollover cable (console cable) -connect it to console port
2. Terminal software (PuTTy, Tera Term, or some other)3. Set config for terminal sotware:
9600 baud
8 data bits
No parity
1 stop bit
4. start typing commandsin this case you need just two:
enable (to enter privileged mode)
show running config
then you can copy paste your switch config (both switches)
:)
ASKER
I have one of those cables, but no console port on the switch. Just eth1-8.
Cant we use putty and ssh to the Ip address, or telnet? It's 2014, surely we have more capabilities than a serial connection.
Cant we use putty and ssh to the Ip address, or telnet? It's 2014, surely we have more capabilities than a serial connection.
Sure we can use telnet or ssh.
But usually when you buy new cisco equipment device don't have ip address so you can't access device on any way except serial link :)
Maybe you have one of those devices with only web interface, but you can give device IP address and allow telnet and set telnet password so you can try login into device.
But usually when you buy new cisco equipment device don't have ip address so you can't access device on any way except serial link :)
Maybe you have one of those devices with only web interface, but you can give device IP address and allow telnet and set telnet password so you can try login into device.
ASKER
They already have IP addresses. They are static and I can access the web GUIm which is what ive been using to modify the vlans.
What is the next step?
What is the next step?
enable telnet on switch
get putty set ip address of switch and choose telnet :port 23
and click open
if device have command line enabled - device will ask you for password
get putty set ip address of switch and choose telnet :port 23
and click open
if device have command line enabled - device will ask you for password
ASKER
no telnet/cli on this sg200.
OK.
What should be next?
If I can't see configuration...hm...
You said that VLAN 10 and 200 are allowed on trunk.
ADD native VLAN to trunk. DOT1Q trunking can have problem on some switches if native VLAN is not allowed.
What should be next?
If I can't see configuration...hm...
You said that VLAN 10 and 200 are allowed on trunk.
ADD native VLAN to trunk. DOT1Q trunking can have problem on some switches if native VLAN is not allowed.
ASKER
I can take screen shots!
vlan1 is also allowed on the trunk ports. I will take a SC.
vlan1 is also allowed on the trunk ports. I will take a SC.
ASKER
Default settings
ASKER
Default settings with pic
sg200-117-w.jpg
sg200-117-w.jpg
That picture means nothing to me.
I can only see that ports are set as Trunk, native VLAN is 1, and that there is ingress filter on trunk.
You have already told me that you set ports as trunk. And if that is only think to set everything should work OK.
By default between two switches you should use crossover cable, but every modern switch has auto sensing on port so that either should not be a problem.
Lats try to make it simple:
Check are all vlans allowed on trunks (to eliminate problem with filtering VLAN-s)
try to remove ingress filter (same reason as above)
create needed VLAN-s on both switches
I can only see that ports are set as Trunk, native VLAN is 1, and that there is ingress filter on trunk.
You have already told me that you set ports as trunk. And if that is only think to set everything should work OK.
By default between two switches you should use crossover cable, but every modern switch has auto sensing on port so that either should not be a problem.
Lats try to make it simple:
Check are all vlans allowed on trunks (to eliminate problem with filtering VLAN-s)
try to remove ingress filter (same reason as above)
create needed VLAN-s on both switches
ASKER
where do i check are all vlans allowed on trunks?
both vlans are created on both switches
both vlans are created on both switches
ASKER
On switch 1, the AP is on port 8. I set the port to general and turned ingress filter off. I didn't see where you could turn the filter off any other way.
The vlan on the AP works. I didnt have to tag the interface or do anything else except turn the ingress filter off.
On switch 2, the AP is on port 2. I turned the ingress filter off for that port as well. SW2 is connected to SW1 on port 4. The vlan on the AP doesnt work.
If i turn the ingress filter off on port4, what issues do we run into with the rest of the traffic coming from SW2?
The vlan on the AP works. I didnt have to tag the interface or do anything else except turn the ingress filter off.
On switch 2, the AP is on port 2. I turned the ingress filter off for that port as well. SW2 is connected to SW1 on port 4. The vlan on the AP doesnt work.
If i turn the ingress filter off on port4, what issues do we run into with the rest of the traffic coming from SW2?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Worked well after figuring out port settings.
Maybe both sides are in dynamic auto.
switchport mode dynamic auto
– This command makes the interface willing to convert the link to a trunk link if the neighboring interface is set to trunk or desirable mode. Otherwise, the link will become a non-trunking link.
more about trunking:
https://learningnetwork.cisco.com/servlet/JiveServlet/previewBody/14792-102-1-57313/Dynamic%20Trunking%20Protocol.PDF
Can you paste configuration of switches here?