Solved

Need help creating an isolated group of ports across 3 switches

Posted on 2015-01-17
5
93 Views
Last Modified: 2015-01-27
Hello -

I have 3 switches.  Currently they're all setup at their default settings.  I can access the web interface for all of them, and I've already identified which ports link them together, etc.  I want to setup a few ports on one end that only has access to a few ports on the other end - but the other end will be the 3rd switch down the line.  They're all linksys / cisco smart switches.  I don't understand tagging and untagging properly I guess because as a test on one of the switches I tried putting the internet router and a workstation tagged to VLAN 25 (I had created that one as a test) but they are unable to ping each other.  The devices on the ends of the switches are NOT VLAN aware.  They're PC's and dumb routers.  What's the best way to do this?

Thanks!
0
Comment
Question by:TimFarren
  • 4
5 Comments
 
LVL 2

Author Comment

by:TimFarren
ID: 40555426
To clarify - these ports should be unable to talk to any other computers or devices except what's allowed at the other end.  Sorry I left that part out.
0
 
LVL 37

Expert Comment

by:Bing CISM / CISSP
ID: 40555598
please advise the model numbers of the three switches as we need to make sure you have at least one layer-3 switch in order interconnect the VLANs as you expect.

all VLANs are separated from each other as they work at Layer-2 and need a Layer-3 router to connect the VLANs (actually their corresponding subnets). A layer-3 switch can handle routing as a regular router, hence you need at least one of this kind of device.
0
 
LVL 2

Author Comment

by:TimFarren
ID: 40555628
I got this working through painstaking trial and error but I'm not sure if I did it the best way possible. The 3 switches are Cisco smart switches. 2 of them are older and don't support trunking by the looks of things. Here's what I did:

Switch 1:  
Port 19 (PC attached I want to segregate)
Assigned PVID 25 and Untagged VLAN 25
Port 1 - uplink to second switch
Tagged for VLAN 25
Switch 2:
Port 13 - uplinks with switch 1
Set tagging for VLAN 25
Port 24 - uplinks to switch 3
Set tagging for VLAN 25
Switch 3 (this one supports trunking)
Port 25: trunk
Port 7 and 8 (leads to devices we want segregated also)
VLAN PVID 25 / Untagged

On switch 3 I configed all ports to be "access" ports except the last 2 which I left at trunk.

How badly did I screw best practice up here?  :-)
0
 
LVL 2

Accepted Solution

by:
TimFarren earned 0 total points
ID: 40555689
Switch 3:  SG200-26
Switches 1 and 2: SLM2024
0
 
LVL 2

Author Closing Comment

by:TimFarren
ID: 40572357
I guess this is ok - no experts had any further comment.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Quality of Service (QoS) options are nearly endless when it comes to networks today. This article is merely one example of how it can be handled in a hub-n-spoke design using a 3-tier configuration.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now