VLAN CONFIGURATION
800XA system upgrade project , with single network for CN & PN , we are using one CISCO SG350-28 ethernet switch, for both PN ( 172.16.4.XX) & CN (172.16.80.XX), with single ethernet switch , planning to create 2 nos of VLAN, with 12 RJ45 port ( 1 - 12) for CN & PORT ( 13 -24) for PN. using web based interface
kindly share with us the configuration manual if any or technical hints for the configuration process.
1) can we keep the DEFAULT IP address : 192.168.1.254, with out changing it.
2) after VLAN configuration - save & restart. can i access the network switch, using the default ip address ?
3) how do we test VALN configuration is correct.
thanks /
br/ suresh
Answers
I prefer to program Cisco via serial console using the CLI; this makes a few things much more easy, e.g. creating VLAN and assigning management interfaces without "cutting the branch you are sitting on".
First, login to CLI and issue "show running-configuration" which will display the current configuration.
Probably, all ports belong to VLAN 1 which has 192.168.1.254 set as address.
Then issue the command "show vlan" which will display the known VLANs, probably only VLAN 1.
To disable the default VLAN 1 IP-address and split up a 24 port switch into two halves with no VLAN tagging or trunking and put a suitable management address on the client/server network (ports 1-12) you could do as follows (I haven't tested the exact text below in reality though... - please Google the terminologies below and you will surely find more help on the "switchport" command and all its parameters, "access", "trunk", "allow", etc.):
$ enable
# configure terminal
# vlan 1
no ip address
exit
# vlan 100
name ClientServerNet
ip address 172.16.5.245 255.255.252.0
exit
# vlan 200
name ControlNet
exit
# interface range gigabitEthernet 1/0/1 - 12
switchport access vlan 100
switchport mode access
end
# interface range gigabitEthernet 1/0/13 - 24
switchport access vlan 200
switchport mode access
end
# exit
# write memory
Testing the configuration could be made by e.g. ping. If you put AS1 on port 1 (VLAN100) and AS2 on port 13 (VLAN200) they should not be able to ping each other. Moving AS2 to a lower port (2-12) should allow ping.
Connect to your switch using Telnet (can use putty) and follow the following commands to create VLANs.
switch# configure terminal
switch(config)# vlan vlanid (enter vlanid number)
switch(config-vlan)# name PN (enter vlan name)
switch(config-vlan)# state active
switch(config-vlan)# no shutdown
Add the ports.. switch# configure terminal
switch(config)# interface ethernet 1/10 ..........(this is an example you can assign interfaces based y=on your requirement)
switch(config-if)# switchport access vlan vlanid
check..
switch# show vlan
Save..
switch# wr ...enter
Also, it's recommended to change the DEFAULT IP address for management & security purposes. You can access the switch after restart.
To check the configuration of VLAN, connect two systems in either of the vlans and try to ping each other. Vlan configuration doesn't allow interaction with the other vlan without routing.
Also, you can the following commands.
switch# show vlan id vlanid (to show vlan details)
switch# show vlan (this command displays the vlans in the switch and the ports assigned to it)
I hope this information will be of help to you.
Thanks,
Arun
Add new comment