Switch and VLANs
Hi guy,
I'm configuring a cisco switch (slm2024).
This is what i want to do:
port 5 -> VLAN 10 (LAN)
port 12 -> VLAN 5 (WAN)
On port 12 is connected a ISP modem/router. This router provide a DHCP of private class (192.168.0.X/24)
On port 5 is connected a laptop
I don't understand why laptop is getting a IP from DHCP...it's in a different vlan!
Maybe this issue from vlan1?
This is config
![vlan1.PNG]()
![vlan5.PNG]()
![vlan10.PNG]()
Thanks!
I'm configuring a cisco switch (slm2024).
This is what i want to do:
port 5 -> VLAN 10 (LAN)
port 12 -> VLAN 5 (WAN)
On port 12 is connected a ISP modem/router. This router provide a DHCP of private class (192.168.0.X/24)
On port 5 is connected a laptop
I don't understand why laptop is getting a IP from DHCP...it's in a different vlan!
Maybe this issue from vlan1?
This is config
Thanks!
I can only guess here but it appears you're using this switch at Layer 3 and not Layer 2, is that right?
I see "WAN" mentioned with VLAN 5 - so that suggests it.
Also "LAN" mentioned with VLAN 10.
Also, Untagged is on VLAN 1.
Without being able to move around the interface and look at other displays, my guess is:
- The switch is operating in Layer 3. I generally don't do that so I'm at a disadvantage here for you.
- There is a WAN and a LAN but I don't know if there is NAT. I suspect NOT in this case but that could be wrong.
Anyway, that might well explain why there is traffic between ports.
There may be DHCP relaying turned on.
etc.
In my set of preferences, I would run the switch Layer 2.
I have no idea why all the VLANs. I see no need for any but the default (VLAN 1?).
Maybe an idea of what you're trying to accomplish with this?
I see "WAN" mentioned with VLAN 5 - so that suggests it.
Also "LAN" mentioned with VLAN 10.
Also, Untagged is on VLAN 1.
Without being able to move around the interface and look at other displays, my guess is:
- The switch is operating in Layer 3. I generally don't do that so I'm at a disadvantage here for you.
- There is a WAN and a LAN but I don't know if there is NAT. I suspect NOT in this case but that could be wrong.
Anyway, that might well explain why there is traffic between ports.
There may be DHCP relaying turned on.
etc.
In my set of preferences, I would run the switch Layer 2.
I have no idea why all the VLANs. I see no need for any but the default (VLAN 1?).
Maybe an idea of what you're trying to accomplish with this?
Hi Fred,
this is layer 2 switch.
This is situation
![network.PNG]()
Internet is provided by isp router.
This router have "lan" interface 192.168.0.1 that go in switch F0/12.
F0/12 must be vlan 5 and for now not comunicate with any other device.
F0/2 and F0/5 must be configured vlan 10 and comunicate only between them.
The are 2 problems:
-Device on f0/2 and F0/5 give ip address from DHCP of router that is connect on F0/12, and don't have to comunicate. I create on purpose 2 vlan
-F0/2 and f0/5 don't ping each other
Thanks
this is layer 2 switch.
This is situation
Internet is provided by isp router.This router have "lan" interface 192.168.0.1 that go in switch F0/12.
F0/12 must be vlan 5 and for now not comunicate with any other device.
F0/2 and F0/5 must be configured vlan 10 and comunicate only between them.
The are 2 problems:
-Device on f0/2 and F0/5 give ip address from DHCP of router that is connect on F0/12, and don't have to comunicate. I create on purpose 2 vlan
-F0/2 and f0/5 don't ping each other
Thanks
Did you configure tagged VLAN's on you router and system?
If not they use the untagged VLAN..... (no .1q / .1p element in the ethernet frame aka the tag).
Regular equipment should be on a port that has UNTAGGED connection to the VLAN.
If not they use the untagged VLAN..... (no .1q / .1p element in the ethernet frame aka the tag).
Regular equipment should be on a port that has UNTAGGED connection to the VLAN.
What model router are you using? Can you post your config on the switch of “Create VLAN” as it should say Enabled if trunked correctly from the router.
Hi guys,
I buy new switch, CISCO SG300 and when it arrives I will let you know how the tests are going. (i will do a comparation)
Thanks
I buy new switch, CISCO SG300 and when it arrives I will let you know how the tests are going. (i will do a comparation)
Thanks
Ok, Cisco SG300 arrived.
I configure it to compare with the Cisco SLM2024.
Ok this is situation.
On Cisco slm2024 I CAN'T exclude (or forbid) DEFAULT VLAN 1 on switch ports, you can see in the picture changing buttons are disabled
![port_to_vlan_slm2024.PNG]()
On Cisco SG300 I CAN exclude (or forbid) DEFAULT VLAN1 on switch ports!
![port_to_vlan_sg300.PNG]()
This is whole question.
I've tried the same configuration on Cisco SG300 and it work perfectly fine.
I think there is a bug on Cisco SLM series with default vlan1...
Any suggestion or confirm by seniors? :D
I configure it to compare with the Cisco SLM2024.
Ok this is situation.
On Cisco slm2024 I CAN'T exclude (or forbid) DEFAULT VLAN 1 on switch ports, you can see in the picture changing buttons are disabled
On Cisco SG300 I CAN exclude (or forbid) DEFAULT VLAN1 on switch ports!
This is whole question.
I've tried the same configuration on Cisco SG300 and it work perfectly fine.
I think there is a bug on Cisco SLM series with default vlan1...
Any suggestion or confirm by seniors? :D
On Cisco SG300 I CAN exclude (or forbid) DEFAULT VLAN1 on switch ports!That's not a question and yet you say:
This is whole question.Please pardon my confusion.
If you want to know why different products behave differently then I'm not sure that will be easy information (analysis) to obtain.
That said, I will certainly pardon your confusion because I've experienced similar things with the VLANs on these devices.
Per the manual:
By default, VLAN 1 is the managementSo, it may be advisable to keep VLAN 1 as the management VLAN just to avoid more work and resulting confusion (and/or bugs!).
VLAN, but this can be modified. When operating in Layer 2 system mode, the
device can only be reached at the configured IP address through its management VLAN.
Did you create any VLAN's to start with.
It's not that the list fo 4095 VLAN's is autofilled.....
(for numbers it is, there are no names with it, and most only need a few VLAN's (<10) so making a short list of them (create VLAN) makes it a handy selection tool.
VLAN 1 is de default, and only VLAN in any newly delivered switch. Also ALL ports are set to untagged access to this VLAN 1 so you can plugin into the switch and start configuring it.
From the VLAN's you create you can select tagged and untagged access.
Tagged meaning you send the packet VLAN tag with the packet to the connected device and untagged meaning the packet is a bare unnumbered ethernet packet. Obviously only one VLAN can be set untagged with a port. Otherwise packets can never correctly get assigned to the right VLAN. (The system connected MUST be able to handle tagged VLAN's by the way if the switch is configured to sedn tagged ppackets).
When a port is set UNTAGGED in another VLAN then it will get removed from VLAN 1.....
Hi Noci,
you gave me advise to solve problem!
"When a port is set UNTAGGED in another VLAN then it will get removed from VLAN 1....."...but it's not automatic
Ok, now I understand workflow to configure access port in cisco slm.
1) First, you must configure your vlans
2)Go to "Port to VLAN" and select the vlan you created earlier. Now flag interfaces in "untagged". In this case interface Gigabit4
![cisco_01.PNG]()
4)If you go to VLAN1 you notice that the same interfaces are "untagged" too. If you set a interfance "untagged" in a vlan, You can't modify any interfaces in VLAN1 and switch not remove automatically VLAN1 untagged inteface
![cisco_02.PNG]()
3)Now we must set PVID manually. Go to "Port Settings" and set interface PVID
![cisco_03.PNG]()
4)If we go in "Port to VLAN" and select VLAN1 we can see interface 4 that is now "Exluded"
![cisco_04.PNG]()
Thanks everybody for support!
you gave me advise to solve problem!
"When a port is set UNTAGGED in another VLAN then it will get removed from VLAN 1....."...but it's not automatic
Ok, now I understand workflow to configure access port in cisco slm.
1) First, you must configure your vlans
2)Go to "Port to VLAN" and select the vlan you created earlier. Now flag interfaces in "untagged". In this case interface Gigabit4
4)If you go to VLAN1 you notice that the same interfaces are "untagged" too. If you set a interfance "untagged" in a vlan, You can't modify any interfaces in VLAN1 and switch not remove automatically VLAN1 untagged inteface
3)Now we must set PVID manually. Go to "Port Settings" and set interface PVID
4)If we go in "Port to VLAN" and select VLAN1 we can see interface 4 that is now "Exluded"
Thanks everybody for support!
Premium Content
You need an Expert Office subscription to comment.Start Free Trial