+ Reply to Thread
Results 1 to 13 of 13
  1. Junior Member
    Join Date
    Nov 2006
    Location
    Southern England
    Posts
    18

    Certifications
    N+, CCNA (some time ago)
    #1

    Default Haven't cracked VLAN's

    Trying to set up a simple VLAN using Packet Tracer.

    1 2620 Router
    1 2950 switch, in VLAN 1
    3 workstations, each in a separate VLAN, labelled VLAN 2, VLAN 3 and VLAN 4.

    How the hell do you get them to ping each other? This is doing my head in, been on it for too long now, think I'm probably just making it worse. Be really grateful if one of you brain surgeons out there can point me in the right direction.

    Here's the switch config:

    Switch#sh run
    Building configuration...

    Current configuration : 1183 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname Switch
    !
    interface FastEthernet0/1
    !
    interface FastEthernet0/2
    switchport access vlan 2
    switchport mode access
    !
    interface FastEthernet0/3
    switchport access vlan 3
    switchport mode access
    !
    interface FastEthernet0/4
    switchport access vlan 4
    switchport mode access
    !
    !
    interface FastEthernet0/24
    !
    interface Vlan1
    ip address 10.1.1.10 255.255.255.0
    !
    interface Vlan2
    ip address 10.1.2.1 255.255.255.0
    !
    interface Vlan3
    ip address 10.1.3.1 255.255.255.0
    !
    interface Vlan4
    ip address 10.1.4.1 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    !
    end


    Here's the router:
    Router#sh run
    Building configuration...

    Current configuration : 544 bytes
    !
    version 12.2
    no service password-encryption
    !
    hostname Router
    !
    ip ssh version 1
    !
    interface FastEthernet0/0
    ip address 10.1.5.2 255.255.255.0
    duplex auto
    speed auto
    !
    interface FastEthernet0/0.2
    encapsulation dot1Q 2
    ip address 10.1.2.10 255.255.255.0
    !
    interface FastEthernet0/0.3
    encapsulation dot1Q 3
    ip address 10.1.3.10 255.255.255.0
    !
    interface FastEthernet0/0.4
    encapsulation dot1Q 4
    ip address 10.1.4.10 255.255.255.0
    !
    router rip
    network 10.0.0.0
    !
    ip classless
    !
    !
    line con 0
    line vty 0 4
    login
    !
    !
    end
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member Mrock4's Avatar
    Join Date
    Nov 2004
    Posts
    2,327

    Certifications
    CCDA, CCNA, CCNP, CCIE R&S, Security+, CISSP, SCP #2235, CCNA: DC
    #2
    If you want traffic to travel between VLAN's, by traveling to the switch, then to the router, and back, you need to configure the interface from the switch to the router as an 802.1Q trunk to carry traffic for all of the VLAN's.

    Do this:

    int x (I'm assuming f0/1)
    switchport trunk encap dot1q
    switchport mode trunk
    no shut


    Also, Int Vlan1 is in network 10.1.1.0/24 whereas the interface it is connecting to on the router is in 10.1.5.0/24..they should be on the same subnet. After creating the trunk to the router, try changing the IP on the routers f0/0 to 10.1.1.2/24 or whatever you'd like, and you should be able to ping across VLAN's.
    Reply With Quote Quote  

  4. Junior Member
    Join Date
    Nov 2006
    Location
    Southern England
    Posts
    18

    Certifications
    N+, CCNA (some time ago)
    #3
    Thanks for your reply mrock.

    The switch doesn't accept the command:

    switchport trunk encap dot1q

    I've set fa 0/1 to be a trunk port and the switch and router can ping each other. THe workstations still can't ping each other or ping the router.
    Reply With Quote Quote  

  5. Senior Member Mrock4's Avatar
    Join Date
    Nov 2004
    Posts
    2,327

    Certifications
    CCDA, CCNA, CCNP, CCIE R&S, Security+, CISSP, SCP #2235, CCNA: DC
    #4
    My mistake..I'm used to 3550's lately. 2950's use only 802.1q encapsulation by default, so you just need the switchport mode trunk command.

    Do you have your workstations pointing to the respective sub-interface on the router as their default gateway??

    IE: Workstation1 is on VLAN 5, it should have a default gateway of whatever the subinterface is for 5..so f0/0.5's IP, for example.


    Also, one thing I missed, you shouldn't have Layer 2/3 config on your physical interface of the router (f0/0)..since the actual Layer 3 config is done in the sub-interfaces.
    Reply With Quote Quote  

  6. Senior Member ilcram19-2's Avatar
    Join Date
    Jan 2008
    Posts
    432

    Certifications
    A+,Net+,Server+,Sec+, MCP,MCSA:M/MCSE 2k3, CCNA,CCNA SEC,CCDA,CCDP, CCNP, MCTS, MCITP
    #5
    change this
    interface FastEthernet0/0
    ip address 10.1.5.2 255.255.255.0
    duplex auto
    speed auto

    to this
    interface FastEthernet0/0
    no ip address
    duplex auto
    speed auto

    interface FastEthernet0/0.1
    ip address 10.1.5.2 255.255.255.0
    encapsulation dot1q
    duplex auto
    speed auto

    then go to your switch and on the interface tha is connected to the router do a switch port mode trun
    ex
    inter fas x/x
    switchport mode trunk
    Reply With Quote Quote  

  7. Junior Member
    Join Date
    Nov 2006
    Location
    Southern England
    Posts
    18

    Certifications
    N+, CCNA (some time ago)
    #6
    Seems to work now. PC's can ping each other. Thanks very much for your input chaps.


    Router config is:

    Router#sh run
    Building configuration...

    Current configuration : 588 bytes
    !
    version 12.2
    no service password-encryption
    !
    hostname Router
    !
    ip ssh version 1
    !
    interface FastEthernet0/0
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet0/0.1
    encapsulation dot1Q 1 native
    ip address 10.1.1.2 255.255.255.0
    !
    interface FastEthernet0/0.2
    encapsulation dot1Q 2
    ip address 10.1.2.10 255.255.255.0
    !
    interface FastEthernet0/0.3
    encapsulation dot1Q 3
    ip address 10.1.3.10 255.255.255.0
    !
    interface FastEthernet0/0.4
    encapsulation dot1Q 4
    ip address 10.1.4.10 255.255.255.0
    !
    ip classless
    !

    line con 0
    line vty 0 4
    login
    !
    !
    end


    Switch config is:

    Switch#sh run
    Building configuration...

    Current configuration : 1206 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname Switch
    !
    !
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport access vlan 2
    switchport mode access
    !
    interface FastEthernet0/3
    switchport access vlan 3
    switchport mode access
    !
    interface FastEthernet0/4
    switchport access vlan 4
    switchport mode access
    !
    interface FastEthernet0/24
    !
    interface Vlan1
    ip address 10.1.1.10 255.255.255.0
    !
    interface Vlan2
    ip address 10.1.2.1 255.255.255.0
    !
    interface Vlan3
    ip address 10.1.3.1 255.255.255.0
    !
    interface Vlan4
    ip address 10.1.4.1 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end


    I've change the PC's IP address from .10 on all of them to .11 and used the sub-interface as configured on the router for the gateway. I've disabled rip on the router too.

    Thanks again. Certainly never had to do this VLAN stuff last time I did the CCNA. Seems to be harder now.
    Reply With Quote Quote  

  8. Senior Member Mrock4's Avatar
    Join Date
    Nov 2004
    Posts
    2,327

    Certifications
    CCDA, CCNA, CCNP, CCIE R&S, Security+, CISSP, SCP #2235, CCNA: DC
    #7
    Quote Originally Posted by totalfailure
    Certainly never had to do this VLAN stuff last time I did the CCNA. Seems to be harder now.
    At one time speaking was difficult for you..but you manage just fine now ..it'll be easy before you know it if you keep playing around with it.
    Reply With Quote Quote  

  9. Senior Member phantasm's Avatar
    Join Date
    Jan 2008
    Location
    West by God
    Posts
    990

    Certifications
    CCNP:R&S, CCDA
    #8
    For further reading on this setup, google "Router on a Stick."
    Reply With Quote Quote  

  10. Senior Member mamono's Avatar
    Join Date
    May 2007
    Location
    Cerritos, CA
    Posts
    778

    Certifications
    A+, Net+, Security+, Server+, i-Net+, CCNA Security, CCENT, MCITP:EST, MCDST, MCTS:Vista, HDI/CSR, HDI/SCA, HDI/DST, Apple, Dell
    #9
    Agreed, keep up with the labs! They are a key element to passing Cisco certs!
    Reply With Quote Quote  

  11. Junior Member
    Join Date
    Nov 2006
    Location
    Southern England
    Posts
    18

    Certifications
    N+, CCNA (some time ago)
    #10
    Thought I'd try a more complex VLAN scenario on Packet Tracer. Got a main switch and 3 imaginary floors of a building, one switch and PC's on each floor. All switches are 2950's. Did have this working when I just had 2 floors, but then added the 3rd and somewhere along the line it stopped working.

    Here's the configs:

    Router#sh run
    Building configuration...

    Current configuration : 606 bytes
    !
    version 12.2
    no service password-encryption
    !
    hostname Router
    !
    ip ssh version 1
    !
    !
    interface FastEthernet0/0
    no ip address
    duplex auto
    speed auto
    !
    interface FastEthernet0/0.1
    encapsulation dot1Q 1 native
    ip address 192.168.1.1 255.255.255.0
    !
    interface FastEthernet0/0.10
    encapsulation dot1Q 10
    ip address 192.168.10.1 255.255.255.0
    !
    interface FastEthernet0/0.20
    encapsulation dot1Q 20
    ip address 192.168.20.1 255.255.255.0
    !
    interface FastEthernet0/0.30
    encapsulation dot1Q 30
    ip address 192.168.30.1 255.255.255.0
    !
    ip classless
    !
    line con 0
    line vty 0 4
    login
    !
    end


    main#sh run
    Building configuration...

    Current configuration : 1140 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname main
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport mode trunk
    !
    interface FastEthernet0/3
    switchport mode trunk
    !
    interface FastEthernet0/24
    switchport mode trunk
    !
    interface Vlan1
    ip address 192.168.1.1 255.255.255.0
    !
    interface Vlan10
    ip address 192.168.10.1 255.255.255.0
    !
    interface Vlan20
    ip address 192.168.20.1 255.255.255.0
    !
    interface Vlan30
    ip address 192.168.30.1 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end


    floor1#sh run
    Building configuration...

    Current configuration : 988 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname floor1
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport access vlan 10
    !
    interface FastEthernet0/3
    switchport access vlan 10
    !
    interface Vlan1
    no ip address
    !
    interface Vlan10
    ip address 192.168.10.1 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end


    floor2#sh run
    Building configuration...

    Current configuration : 988 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname floor2
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport access vlan 20
    !
    interface FastEthernet0/3
    switchport access vlan 20
    !
    interface Vlan1
    no ip address
    !
    interface Vlan20
    ip address 192.168.20.1 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end


    floor3#sh run
    Building configuration...

    Current configuration : 988 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname floor3
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport access vlan 30
    !
    interface FastEthernet0/3
    switchport access vlan 30
    !
    interface Vlan1
    no ip address
    !
    interface Vlan30
    ip address 192.168.30.1 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end


    Am I missing something obvious here?
    Reply With Quote Quote  

  12. Senior Member Mrock4's Avatar
    Join Date
    Nov 2004
    Posts
    2,327

    Certifications
    CCDA, CCNA, CCNP, CCIE R&S, Security+, CISSP, SCP #2235, CCNA: DC
    #11
    Yes...I see three 192.168.30.1 addresses being used..one on your router, one on your Main switch, and the third on the Floor3 switch....change them to all be on the same network, but with different host addresses and you should be good.

    I noticed your VLAN management addresses are the same across switches..why? The idea of a management interface is to give you the ability to SSH/Telnet in remotely and monitor/configure the switch..if they all share the same IP, it would be hard to know which switch you're getting into. Just like I was mentioning with the 30.1 address..leave the router subinterface addresses the same, but change the last octet for the switch's VLAN interface, therefore giving it a unique address. See if that yields any results. I'll have to check it out more later if that doesn't work. Unfortunately work calls and I am in a hurry!
    Reply With Quote Quote  

  13. Junior Member
    Join Date
    Nov 2006
    Location
    Southern England
    Posts
    18

    Certifications
    N+, CCNA (some time ago)
    #12
    Went back to my lab, and sure enoguh was getting IP conflicts. It was working ok this morning before I added the floor3 switch.

    I was probably thinking that for example, the VLAN 30 IP address had to be the same across all switches. This must have been where I was getting confused. Have made changes and every PC can ping every PC now.

    Here's the updated configs (no changes made to the router):

    main#sh run
    Building configuration...

    Current configuration : 1140 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname main
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport mode trunk
    !
    interface FastEthernet0/3
    switchport mode trunk
    !
    interface FastEthernet0/24
    switchport mode trunk
    !
    interface Vlan1
    ip address 192.168.1.3 255.255.255.0
    !
    interface Vlan10
    ip address 192.168.10.3 255.255.255.0
    !
    interface Vlan20
    ip address 192.168.20.3 255.255.255.0
    !
    interface Vlan30
    ip address 192.168.30.3 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end


    floor1#sh run
    Building configuration...

    Current configuration : 988 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname floor1
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport access vlan 10
    !
    interface FastEthernet0/3
    switchport access vlan 10
    !
    interface Vlan1
    no ip address
    !
    interface Vlan10
    ip address 192.168.10.2 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end


    floor2#sh run
    Building configuration...

    Current configuration : 988 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname floor2
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport access vlan 20
    !
    interface FastEthernet0/3
    switchport access vlan 20
    !
    interface Vlan1
    no ip address
    !
    interface Vlan20
    ip address 192.168.20.2 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end


    floor3#sh run
    Building configuration...

    Current configuration : 988 bytes
    !
    version 12.1
    no service password-encryption
    !
    hostname floor3
    !
    interface FastEthernet0/1
    switchport mode trunk
    !
    interface FastEthernet0/2
    switchport access vlan 30
    !
    interface FastEthernet0/3
    switchport access vlan 30
    !
    interface Vlan1
    no ip address
    !
    interface Vlan30
    ip address 192.168.30.2 255.255.255.0
    !
    line con 0
    !
    line vty 0 4
    login
    line vty 5 15
    login
    !
    end
    Reply With Quote Quote  

  14. Senior Member Mrock4's Avatar
    Join Date
    Nov 2004
    Posts
    2,327

    Certifications
    CCDA, CCNA, CCNP, CCIE R&S, Security+, CISSP, SCP #2235, CCNA: DC
    #13
    No worries..kudos to you for getting in there and trying new things, that's the best way to learn. It probably worked before since you (mostly) had IP's that were unique to each node. I understand your line of thinking about the VLAN 30 IP addresses. Now you definitely won't forget!!

    Keep it up..
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks