?
Solved

Need help creating an isolated group of ports across 3 switches

Posted on 2015-01-17
5
Medium Priority
?
101 Views
Last Modified: 2015-01-27
Hello -

I have 3 switches.  Currently they're all setup at their default settings.  I can access the web interface for all of them, and I've already identified which ports link them together, etc.  I want to setup a few ports on one end that only has access to a few ports on the other end - but the other end will be the 3rd switch down the line.  They're all linksys / cisco smart switches.  I don't understand tagging and untagging properly I guess because as a test on one of the switches I tried putting the internet router and a workstation tagged to VLAN 25 (I had created that one as a test) but they are unable to ping each other.  The devices on the ends of the switches are NOT VLAN aware.  They're PC's and dumb routers.  What's the best way to do this?

Thanks!
0
Comment
Question by:TimFarren
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
5 Comments
 
LVL 2

Author Comment

by:TimFarren
ID: 40555426
To clarify - these ports should be unable to talk to any other computers or devices except what's allowed at the other end.  Sorry I left that part out.
0
 
LVL 37

Expert Comment

by:bbao
ID: 40555598
please advise the model numbers of the three switches as we need to make sure you have at least one layer-3 switch in order interconnect the VLANs as you expect.

all VLANs are separated from each other as they work at Layer-2 and need a Layer-3 router to connect the VLANs (actually their corresponding subnets). A layer-3 switch can handle routing as a regular router, hence you need at least one of this kind of device.
0
 
LVL 2

Author Comment

by:TimFarren
ID: 40555628
I got this working through painstaking trial and error but I'm not sure if I did it the best way possible. The 3 switches are Cisco smart switches. 2 of them are older and don't support trunking by the looks of things. Here's what I did:

Switch 1:  
Port 19 (PC attached I want to segregate)
Assigned PVID 25 and Untagged VLAN 25
Port 1 - uplink to second switch
Tagged for VLAN 25
Switch 2:
Port 13 - uplinks with switch 1
Set tagging for VLAN 25
Port 24 - uplinks to switch 3
Set tagging for VLAN 25
Switch 3 (this one supports trunking)
Port 25: trunk
Port 7 and 8 (leads to devices we want segregated also)
VLAN PVID 25 / Untagged

On switch 3 I configed all ports to be "access" ports except the last 2 which I left at trunk.

How badly did I screw best practice up here?  :-)
0
 
LVL 2

Accepted Solution

by:
TimFarren earned 0 total points
ID: 40555689
Switch 3:  SG200-26
Switches 1 and 2: SLM2024
0
 
LVL 2

Author Closing Comment

by:TimFarren
ID: 40572357
I guess this is ok - no experts had any further comment.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Is your computer hacked? learn how to detect and delete malware in your PC
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses
Course of the Month11 days, 11 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question