Adding a Cisco switch with management capabilities to another without stacking

In the past I have added several switches to the core (with ether-channel) but rarely add an additional switch off an existing switch port(s).

We have a small remote office with a Cisco 24 port POE 3750 switch.
They wanted to add another switch but were not interested in finding
a used switch to stack.  The original switch is connected to an ASA.

I plan to proceed with the new 2960 24 port POE attached by using ether-channel on the last two ports.  (Unless I would not gain much benefit and should just use a trunk port.) I think my initial thoughts on the configuration are overkill (duplicate the current switch).  This just simply needs to have data and phone VLANs and an IP address to manage it. (To allow SSL, Update IOS, etc...)

My main question is what is the minimum configuration I will need?  Besides adding the data and phone VLANs do I also add a different IP addresses to each VLAN so I can remotely manage?  Or create VLANs and add a new management VLAN with an IP?
Do I need to specify the same default gateways on the new switch or it will just work just being connected with ether-channel?  I will also need to figure out which port is connected to the ASA (mac address table), and a bit confused why this is not a trunk.  I will also be updating the IOS on the original 3750 later so we can use SSL/script to back up the configuration.

It looks like they configured it to have phones on the even ports.


Any configuration to successfully route VLANs traffic and enable switch management for switch B are appreciated.  I am just concerned about my VLAN traffic making it out of the switch and back on switch B.  I suspect I might just need ether-channel to connect, management IP, VLANs, but unsure of a default route.  ( ip route 0.0.0.0 0.0.0.0 172.16.210.1 )


Here is some of the configuration of the original 3750 switch:

no service password-encryption

enable secret 5 ******

enable password ******

ip domain-name ******.local

 

interface GigabitEthernet1/0/1

switchport access vlan 10

switchport mode access

spanning-tree portfast

 

interface GigabitEthernet1/0/2

switchport access vlan 10

switchport mode access

switchport voice vlan 20

spanning-tree portfast

 

interface GigabitEthernet1/0/3

switchport access vlan 10

switchport mode access

spanning-tree portfast

 

interface GigabitEthernet1/0/4

switchport access vlan 10

switchport mode access

switchport voice vlan 20

spanning-tree portfast

 

.....

interface GigabitEthernet1/0/22

switchport access vlan 20

switchport mode access

speed 100

duplex full

spanning-tree portfast

 

interface GigabitEthernet1/0/23

switchport access vlan 10

switchport mode access

spanning-tree portfast

 

interface GigabitEthernet1/0/24

switchport access vlan 10

switchport mode access

spanning-tree portfast

!

interface GigabitEthernet1/0/25

!

interface GigabitEthernet1/0/26

!

interface GigabitEthernet1/0/27

!

interface GigabitEthernet1/0/28

!

interface Vlan1

no ip address

!

interface Vlan10

description Data

ip address 172.16.210.254 255.255.255.0

!

interface Vlan20

description Phone

ip address 172.16.220.254 255.255.255.0

ip helper-address 172.16.210.210

ip helper-address 172.16.210.220

!

ip classless

ip route 0.0.0.0 0.0.0.0 172.16.210.1

ip http server

!

!

control-plane

line con 0

line vty 0 4

password *******

login

line vty 5 15

password ********

login
LVL 2
PostQAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Don JohnstonInstructorCommented:
You only need one SVI/ip address for management purposes.
PostQAuthor Commented:
Any benefit to adding a different IP on the two VLANs and routing in case switch A went down.  Switch B could already have gateways, IPs, default route, and just get plugged into the ASA with a trunk?

I don't want to overkill this but if it would keeps things afloat if switch A went down it may be worth while.

If not I could just add one IP set the native and voice VLANs, aggregate links and call it a day.
Don JohnstonInstructorCommented:
I'm guessing the ASA or 3750 is doing the inert-VLAN routing.  Using the 2960 would not be as efficient for that purpose.

If you lose the ASA or 3750, you will most likely be pretty busy.  Having the 2960 doing routing won't provide much (if any) benefit.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.