Connecting Cisco SG300 to Catalyst 4507r
Seems like a simple connection, but I cannot ping PCs on the SG300 and they cannot ping anything on the network. The 4507 is a core L3 switch which handles all Vlan and subnetwork routing. On the interface which the SG300 connects to on the 4507 I have the config:
interface GigabitEthernet4/28
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,7-11
switchport mode trunk
On the SG300 counterpart:
interface gigabitethernet20
switchport trunk allowed vlan add 7-11
On the PC interface:
interface gigabitethernet2
switchport mode access
I have also configured:
interface gigabitethernet1
switchport mode general
switchport general allowed vlan add 9 tagged
switchport general ingress-filtering disable
interface gigabitethernet4
switchport mode general
But neither of those interfaces can ping the network.
When I telnet into the SG300 I can ping and traceroute throughout the entire network. When I get on the PC I get nowhere and nothing can see the PC from anywhere on the network. All the PCs, 3 of them, can see each other. The SG300 is in the default L2 mode. Vlan 1 is the ip default gateway which is the 4507. It's got to be a setting for the SG300 that I would usually not use when setting up the Catalysts.
What don't I see? Any thoughts greatly appreciated
interface GigabitEthernet4/28
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 1,7-11
switchport mode trunk
On the SG300 counterpart:
interface gigabitethernet20
switchport trunk allowed vlan add 7-11
On the PC interface:
interface gigabitethernet2
switchport mode access
I have also configured:
interface gigabitethernet1
switchport mode general
switchport general allowed vlan add 9 tagged
switchport general ingress-filtering disable
interface gigabitethernet4
switchport mode general
But neither of those interfaces can ping the network.
When I telnet into the SG300 I can ping and traceroute throughout the entire network. When I get on the PC I get nowhere and nothing can see the PC from anywhere on the network. All the PCs, 3 of them, can see each other. The SG300 is in the default L2 mode. Vlan 1 is the ip default gateway which is the 4507. It's got to be a setting for the SG300 that I would usually not use when setting up the Catalysts.
What don't I see? Any thoughts greatly appreciated
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
The default gateways on the PCs is 10.213.8.1 which is the ip address of vlan 9 on the 4507.Then you should configure intefaces for PCs to belong to VLAN 9
interface gigabitethernet2
switchport mode access
switchport access vlan 9
In that case interface will be assigned to VLAN 9, and will not be part of VLAN 1 anymore.
To see ports assigned to specific VLANs use
# show vlan
To see trunks
# show interface trunk
To assign port to VLAN 1 you can use
interface gigabitethernet2
switchport mode access
switchport access vlan 1
add vlan is in use to assign VLAN that is currently not allowed on trunk interface.
If you just use it for switching, there is no need to assign SVI to switch (except for management VLAN).
ASKER
If you just use it for switching, there is no need to assign SVI to switch (except for management VLAN).
Yes, I'm just trying to use for switching. These are multiple machines each with it's own static IP address, available to the network and internet. And yes, vlan 1, 192.168.13.x are the numbers of all the switches on the network used for management.
Do I really need to assign a vlan on each port?
Yes, I'm just trying to use for switching. These are multiple machines each with it's own static IP address, available to the network and internet. And yes, vlan 1, 192.168.13.x are the numbers of all the switches on the network used for management.
Do I really need to assign a vlan on each port?
I am not very familiar with SG300, but yes, you need to assign VLAN to each port one way or another.
In your implementation
In your implementation
switchport general allowed vlan add 9 taggedPorts that have PCs attached to it, most likely will need to have access port configured (untagged ports), since PC will drop any tagged packet that they receive. There are exceptions to this rule (like servers), but general rule of thumb is that port for PC needs to be untagged port.
switchport general allowed vlan add 9 untaggedPurpose of general mode is that port can be assigned to more than one vlan (otherwise access mode is preferred), but still you need to assign vlan to port. Cisco VLAN implementation is port-centric.
switchport general pvid 9
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I'll give you 4 out of 5. Additional research and experimentation was required needed to complete the task. But if it wasn't for your detailed answers I may never had found the results we are going with! Thank you.
ASKER
This is different on the 4507 which I need to explicitly add vlan 1 to the port.
The default gateways on the PCs is 10.213.8.1 which is the ip address of vlan 9 on the 4507. Do I need to add an IP for vlan 8 on the SG300? It is not routing, just switching :-)