• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 103
  • Last Modified:

Need help creating an isolated group of ports across 3 switches

Hello -

I have 3 switches.  Currently they're all setup at their default settings.  I can access the web interface for all of them, and I've already identified which ports link them together, etc.  I want to setup a few ports on one end that only has access to a few ports on the other end - but the other end will be the 3rd switch down the line.  They're all linksys / cisco smart switches.  I don't understand tagging and untagging properly I guess because as a test on one of the switches I tried putting the internet router and a workstation tagged to VLAN 25 (I had created that one as a test) but they are unable to ping each other.  The devices on the ends of the switches are NOT VLAN aware.  They're PC's and dumb routers.  What's the best way to do this?

Thanks!
0
TimFarren
Asked:
TimFarren
  • 4
1 Solution
 
TimFarrenAuthor Commented:
To clarify - these ports should be unable to talk to any other computers or devices except what's allowed at the other end.  Sorry I left that part out.
0
 
bbaoIT ConsultantCommented:
please advise the model numbers of the three switches as we need to make sure you have at least one layer-3 switch in order interconnect the VLANs as you expect.

all VLANs are separated from each other as they work at Layer-2 and need a Layer-3 router to connect the VLANs (actually their corresponding subnets). A layer-3 switch can handle routing as a regular router, hence you need at least one of this kind of device.
0
 
TimFarrenAuthor Commented:
I got this working through painstaking trial and error but I'm not sure if I did it the best way possible. The 3 switches are Cisco smart switches. 2 of them are older and don't support trunking by the looks of things. Here's what I did:

Switch 1:  
Port 19 (PC attached I want to segregate)
Assigned PVID 25 and Untagged VLAN 25
Port 1 - uplink to second switch
Tagged for VLAN 25
Switch 2:
Port 13 - uplinks with switch 1
Set tagging for VLAN 25
Port 24 - uplinks to switch 3
Set tagging for VLAN 25
Switch 3 (this one supports trunking)
Port 25: trunk
Port 7 and 8 (leads to devices we want segregated also)
VLAN PVID 25 / Untagged

On switch 3 I configed all ports to be "access" ports except the last 2 which I left at trunk.

How badly did I screw best practice up here?  :-)
0
 
TimFarrenAuthor Commented:
Switch 3:  SG200-26
Switches 1 and 2: SLM2024
0
 
TimFarrenAuthor Commented:
I guess this is ok - no experts had any further comment.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now