Configure VLANs on SG300-10P

Hi, 
I need help to configure the SG300-10P switch for the following:
port 9 connect to router (10.0.1.1) to internet
Vlan 1 (default) 10.0.1.200: ports 1 - 4 & 10: use for PCs and IP phones
Vlan 2: 10.0.2.1: port 5, port 6, use for printers
Vlan 3: 10.0.3.1: port 7, port 8: use for security cameras
Vlan 1 & 3 can access internet but not vlan2
I've read many posts but still confused.  Please show me the required steps/commands to configure this.  
Thank you for your help.

Hi Nil, can you please tell me if your router supports 802.1q VLAN or subinterfaces? In order to assist you, we need to know what is the networking hardware involved.

Similar Messages

  • DHCP on SG300-10P for VLAN

    Using an SG300-10P with firmware 1.3.7.18 and boot version 1.3.5.06 there's an option to run a DHCP server on the device.  If this is really a full DHCP server, documentation is spotty, can I create a DHCP zone to serve VLAN 25 and only VLAN 25?

    According to documentation it should be possible:
    Switch functions as an IPv4 DHCP Server serving IP addresses for multiple DHCP pools/scopes
    Rigth now I do not have access to one SSG but I will check it tomorrow when I work with one of my clients for the specific path,
    Regards,
    Jcarvaja

  • Unable to ping IP address from SG300 -10p switch

     i have two core switches, we have configured the vlan 70 in both core switch
    sh run int vlan 70 --ip address: 182.94.177.34/28
    configured the HSRP in both routers.
    we have configured port in vlan 77 in access switch 4507R-E , we are able to ping the ip address.
    again we have installed on Cisco SG300 10p switch case cading to Cisco 4507R-E access switch.
    we have give below commands
    switch manangement IP :
    switch38cbaf(config)int vlan1
    switch38cbaf(config-if)#ip address 124.4.67.47 255.255.255.0
    switch38cbaf(config)#vlan database
    switch38cbaf(config-if)vlan 70
    switch38cbaf(config)#int gigabitethernet1
    switch38cbaf(config-if)#switchport mode access
    switch38cbaf(config-if)#switch access vlan 77
    Trunk Configuration
    switch38cbaf(config)#int gigabitEthernet9
    switch38cbaf(config-if)#description << Trunk | connected to access switch 4507R-E | Fa4/1 >>
    switch38cbaf(config-if)#swtichport mode trunk
    switch38cbaf(config-if)#switchport trunk allowed vlan 77
    problem:
    i am assigned the ip address 182.94.177.44 to  our desktop and connected to port Gi1
    I am able to ping 182.94.177.33, 34 and 35 Ip Address but unable to ping 182.94.177.44

    Some things to check/verify -
    a) is there a typo in your configuration above ie. you have created vlan 70 according to your configuration but the actual vlan you are using is vlan 77
    b) does the trunk link between the access 4500 and the core switch allow vlan 77
    c) try pinging from the client and not to it as there may be a firewall on the PC.
    Jon

  • How to configure SNMP on SG300 using CLI

    Hi,
    Does anyone know how to configure SNMP on the Cisco SG300 switches? I have the SG300-10P. I am not fully familiar with the new command line interface on this device, it was easy on the IOS but finding it a nightmare on this one.
    I put the following command in but it didnt work.
    snmp-server view Interfaces interfaces included
    snmp-server community ACB123 ro 10.x.x.x view default
    I tried to follow the guidelines on the cisco website but thats all Web interface based, i can only access the switch remotely via CLI.
    Thanks

    Hi Rafik, here is a basic snmp v1/v2 configuration
    snmp-server server
    snmp-server community test1234 rw view DefaultSuper
    This is basically wide open to anyone who knows the password. This should be enough to get you started then you can tweak additional options as you go. Give this a test, see if you can do what you're trying to do then modify this sample to work for your security needs.
    -Tom
    Please mark answered for helpful posts

  • Connecting SG300-10P to another SG300-10P

    please forgive the newbie question but trying to upgrade/expand my network beyond the simple linksys switch i currently use. 
    what is the proper way to connect a second SG300-10P to the system?
    current configuration is:
    cable modem to Cisco Router RV042G.  Router port 1 to SG300-10P port G9 (the switch is located in another room)
    from the SG300-10P i have ethernet cables (Cat 5) running throughout the building
    in another room, i would like to add another SG300-10P.  do i connect from the ethernet jack in that room to port G1-G8 or do i connect to the G9 link port?
    thanks

    Hi Lee, it generally doesn't matter. The reason it matters interconnecting these switches is because the POE is designed to work with older Cisco POE devices and the connection will detect a valid resistance and attempt to supply power to the switch which in turn may give adverse affects.
    -Tom
    Please mark answered for helpful posts

  • SG300-10P switching problem

    Hello
    I have a Synology disk on port 4 on my SG300-10P switch and my computer on port 6 both on the VLAN 1, the only VLAN on my switch. Accessing this disk with the IP address is slow and data transfer to the disk is slow as well. So I traced the route (Administration > Traceroute)
    to the disk and found that it is looping outside to the router and back to the switch. How can I get the switch to access the disk directly?
    Thanks in advance
    Leo

    Hi Leo, there shouldn't be a reason the packets are being sent to the default gateway if you're on the same subnet and the same vlan.
    Are you using the loca IP address of the Synology disk or are you trying to hairpin (using the WAN ip address instead of local IP address)?
    -Tom
    Please mark answered for helpful posts

  • SG300-10P LACP and PoE

    Hi
    I am using SG300-10 and connected it to two SG200 with LACP and PoE
    When I tried to use ssh client to check poe status via cli, the switch suddenly rebooted.
    After this, the poe is dead.
    I reset the switch, reconfigured the settings but ..
    as soon as I set GE1+GE2 to a LACP group,
    the SG200-8 connected to GE1+GE2 is down, lost power
    when I remove the GE1+GE2 from LACP group, the poe is back ...
    same to any other port.
    only ports that not in LACP listed in "Port Management" "PoE" "Settings"
    is the hardware damanged? I am using the lasted 1.3.0.62 firmware.
    The physical connected is:
    L3 Mode
    GE1+GE2 = LACP <---> SG200-8 nr1
    GE3+GE4 = LACP <---> SG200-8 nr2
    GE5 <---> my pc
    Thanks for any hint/help!

    Thanks for the advice.
    I came home today and found out a power outage happened and somehow the SG300-10P stopped working partly, any device not directly connected to it can't ping the switch or communicated to it or its conncted devices. (even after reboot)
    So I decieded to reset it to the factory default and manually reapply all the setting from my memory, because last few times I tried to use backuped config file, it ended badly. ( the firmware is already updated to latest)
    After that, I followed your advice and set GE1 PoE active and GE2 PoE off, and so on, now both SG200-8 and SLM2008 are getting power from port GE1 and GE3.
    Still, as soon as I add a port to a LACP group, it will disappear from "
    Port Management", "PoE", "Settings" page ..., is that a normal behavior? or is it a problem on SG200 or/and SLM2008?

  • Configuring vlan in a very old sparc machine

    Hi, forum!
    I need to configure vlan in a old machine.
    This machine is a sparcstation-10, with solaris 8:
    #uname -a
    SunOS gafa3 5.8 Generic_108528-18 sun4m sparc SUNW,SPARCstation-10
    # ifconfig -a
    lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 1
    inet 127.0.0.1 netmask ff000000
    le0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2
    inet 192.9.201.2 netmask ffffff00 broadcast 192.9.201.255
    ether 8:0:20:1d:95:36
    You can see, the machine have a "le" interface.
    I did not have information about configure this type of interfaces.
    Can any help me?
    TIA
    jorge infante
    rosario - santa fe - argentina

    The machine appears to already be configured but I assume that it is configured incorrectly for your environment. If you're moving to a totally different environment (where everything is likely to be wrong), probably the easiest approach is to run sys-unconfig and answer the questions which pop up after rebooting the system. The sys-unconfig command causes Solaris to forget its configuration and prompt you for configuration information on the next reboot. It should know about the le0 interface so you don't have to worry about it. You will be asked to enter things like the machine name, IP addresss, subnet information, name service information, default router, time zone, root password, etc. so you should have that information at hand.
    The sys-unconfig command does tweak a lot of files. If you can, it would be a good idea to back up the system before running this just in case something goes amiss. I've not had problems with it but just in case...

  • Srw2048 configure VLAN's in Linux

    I have a Linksys srw2048, and through ssh/telnet/terminal I don't have any option to configure VLAN's, and through the browser (Firefox on Linux) I cannot access anything, since it seems that there is a problem.
    How can I solve this problem?
    Thank's

    If you want add VLAN's on SRW2048, you can configure the switch using the web-based Utility WebView. Maybe you have problem because combination Firefox and firmware 1.2.1 has problem with WebView. Possible solution are 1) upgrade firmware throw putty to 1.2.2 and after that can use Firefox or 2) use wine to ability to run Internet Explorer. Hope that this information help you.
    Message Edited by podnot on 08-28-2009 06:52 AM

  • Spare Power Supply for SG300-10P

    Hi Guys,
    anybody knows where i can buy a spare power supply for the sg300-10p.
    Perfectly in Europe or Germany.
    thx
    Paul                  

    Hi Paul, there has not been an individual part number for the power adapter. This is also true for things like rack mount kits. If your power adapter has died then you would need to call your reseller or the small business support requesting RMA.
    -Tom
    Please mark answered for helpful posts

  • SG300-10P SYN Protection

    Hi Community,
    just registered after reading some topics in the last months. Great answers here - thank you for that!
    No I have a minor issue with a new feature and did not find any solutions yet.
    Yesterday I upgraded my SG300-10P to firmware 1.2.7.76. I was curious about the new SYN Protection feature, but it seems to do nothing on my installation.
    The switch is running in Layer 2 mode. I have ACLs in place and DoS prevention is not enabled. I also tried clearing ACLs and enabling DoS prevention. As I understood the Admin Guide enabling DoS in the Security Suite Settings is not necessary for using the SYN Protection.
    In my firewall I see about 300 pps with SYN flags only arriving. What "they" do is sending me SYN packest to port 80 from forged IPs, so that my system should send SYN-ACKs to the victim system. In this case it is the Arab Bank. They are down at the moment...I think that is called a spoofed SYN flood attack.
    So I thougt the SYN Protection feature should exactly solve that problem but it does not and does not show any "Last Attack" entries.
    If I put a SYN filter in place it works, even if I put SYN Rate Protection in place. But that is just a dirty workaround.
    Did I miss something?
    Maybe somebody has some hints for me!
    Best wishes,
    Alex
    BTW: my firewall blocks those SYN packets with a SNORT rule, so I am no "helper" to those attacks and that is why the problem is minor to me.

    Well, finally I discovered that I can provocate an attack with hping3 but only when I flood the switch interface address itself not other hosts on other switch ports. I can bring them down without any reaction from the switch.
    So it seems, that the feature SYN Protection only protects the switch itself from SYN floods.
    Not as useful as I thought.
    Best wishes,
    Alex

  • SG300-10P Hochfrequenter Ton

    Hallo,
    ich hoffe das ich hier eine Lösung für meine Problem finde. Mein recht neuer SG300-10P erzeugt nach Anschluss an das Netzteil einen hochfrequenten Ton. Ich denke nicht, dass dies normal sein kann. An welche Stelle muss ich mich in dem Fall wenden? Gibt es einen Kontakt bei Cisco der sich um diese Dinge kümmert? Was kann ich da tun?
    http://soundcloud.com/christian-24-1/cisco-sg300-10p-ohne-sfp-0cm
    Beste Grüße,
    Christian

    Christian,
    Kontakt im Kleinbetrieb-Support-Center unter 0800 503 0017. Weltweite Kontaktinformationen finden Sie hier:
    http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html
    Danke,
    David
    Bitte entschuldigen Sie mein Deutsch

  • Configure vlan with SG 300-10P and SA 520

    Hi All,
    Forgive my ignorance but i need some help for basic configuration.
    I bought for a little office  a SA520 Security appliance (for future VPN with another distant office) and a SG 300-10P switch for connect 3 PC and 3 IP PHONE. THe SA 520 is the router. I must configure 2 VLANs on the switch :
    VLAN2 : DATA (for PC)
    VLAN3 : VOICE (for IP PHONE)
    VLAN1 : DEFAULT.
    How can i simply configure all ports ?
    I would like to configure ports 1-4 on VLAN2 and ports 5-8 on VLAN3 and port G10 is reserved for the router SA520.
    I want to divise network DATA/VOICE.
    I think i must create a trunk on G10 for SA520 ...
    Does anyone can help me?

    Hi Julien,
    Ok sounds like you are using the default vlan for management on the network  and vlan 2 for data  and vlan3 for voice.
    I am using a simulator for this, my SA520 is loaned out at the moment.
    Step 1   On the SA520  add vlan 2 and vlan 3  and label them data and voice respectively. 
    Step 2. Lets use switch port 4 on the SA520 as a trunked port to the SG-300.
                (my intention is to use untagged vlan1, tagged vlan 2 and tagged vlan 3 on  the uplink from the switch and the SA500.)
              To do this I have to tell the SA520 that switch port 4 will be in trunking mode and not access mode.
    You will have to tick off the membership of vlan 2 and vlan 3 on switch port 4.
    Step 3.  Now add some IP addresses for VLAN2 and VLAN3
    Step 4.  Create some DHCP scopes if that is what is needed on the SA520
    So by now hopefully we have the SA520 with  IP addresses associated with VLAN1, VLAN2 and VLAN3
    We also have switch port 4 as a trunk interface
    We are propogating untagged vlan1 and tagged vlan2 and tagged  vlan3 to the SG-300 switch.
    We have to do the opposite on the SG-300 switch.
    If you are using G10 as the uplink to the SA520 you will note by default  port 10 should already be in trunk mode.
    switch port G10 should be tagged for vlan 2 and tagged for vlan3.  By default Gi10  it will be untagged for vlan1.
    Make sure you set up the rest of the switch ports appropriately. 
    regards Dave

  • SG300-10P Download Configuration Problem

    Hi, I am unable to download any configuration files.  I am prompted to select a Source File, when actually I am trying to download it from the SG300.  I'm on OS X.  It simply says Choose file and I am prompted to select a file, not a folder.  The option to Choose is greyed out as if it thinks I am trying to upload to the SG300, not the other way around.  All I am able to do is Cancel.

    Hi Mike, choose the option "back up". This should allow you to save the file to your hard drive.
    -Tom
    Please mark answered for helpful posts

  • Problems setting up public/private vlans on sg300-52 switches

    A real beginner here with a problem on how to setup 3 SG300-52 (in L2 mode) as per this diagram:
    Port 1 on all switches should be able to talk to each other and access the blob at the right.
    The ports 25 on the other hand should only be able to talk among themselves in their own
    private vlan. They are to carry sensitive traffic.
    So I created 3 vlans, vlan 78 for ports gi1, gi51 and vlan 10 for port25,49,50 and a dummy vlan: 666
    with the intent of segratating vlan 10 from vlan 78.
    My attempts so far have failed.
    ports gi49-50 are configured as trunk ports and gi1,gi51 as access ports as the following
    cli output (excerpts of the startup config):
    vlan database
    vlan 10,78,666
    exit
    interface vlan 1
    ip address 172.16.10.11 255.255.255.0
    no ip address dhcp
    interface gigabitethernet1
    switchport mode access
    switchport access vlan 78
    interface gigabitethernet25
    switchport mode access
    switchport access vlan 10
    interface gigabitethernet49
    switchport trunk allowed vlan add 10,78
    switchport trunk native vlan 666
    switchport default-vlan tagged
    interface gigabitethernet50
    switchport trunk allowed vlan add 10,78
    switchport trunk native vlan 666
    switchport default-vlan tagged
    interface gigabitethernet51
    switchport mode access
    switchport access vlan 78
    Ports gi1 can talk to each other and access the blob but ports 25 refuse to talk to each other. But as soon as I remove
    the access links to the blob they can! Obviously, at that point port gi1 lose access.
    Is such a topology feasable or even advisable?
    Thanks,
    jf

    Hi Jean,
    Here's a pretty picture
    Now I will explain.
    The layer 3 switch is going to service as your core switch.
    Vlan 78 looks like your BLOB connection.
    Vlan 10 and 666 look like they don't belong on the BLOB.
    So how to configure this-
    You will want to configure the switch that connects directly to the BLOB as the layer 3 switch depicted in my diagram.
    Layer 3 switch, follow this document
    https://supportforums.cisco.com/docs/DOC-27038
    Bear with me, I am making up random numbers since I don't know what you want or will use.
    So VLAN 78 looks like the BLOB and 10 and 666 are staying out of the BLOB.
    config t
    vlan database
    vlan 10, 78, 666
    int vlan 1
    ip address 192.168.1.254 /24
    int vlan 10
    ip address 192.168.2.254 /24
    int vlan 78
    ip address 192.168.3.254 /24
    int vlan 666
    ip address 192.168.4.254 /24
    Configure the port you want to go to the BLOB, I am assuming vlan 78.
    config t
    int gi01
    switchport mode access
    switchport access vlan 78 (that 3750, what is the native vlan of the port it is connecting to??)
    Next, configure the downlink port to connect the layer 2 switch
    config t
    int gi0/2
    switchport mode trunk
    switchport trunk allowed vlan add 10, 78, 666  (this will make the port native vlan 1 untagged, rest ports tagged)
    On the downstream switch you need to configure an uplink and downlink with the respective vlans. It will remain layer 2 mode.
    config t
    vlan database
    vlan 10, 78, 666
    int gi0/1
    switchport mode trunk
    switchport trunk allowed vlan add 10, 78, 666
    int gi0/2
    switchport mode trunk
    switchport trunk allowed vlan add 10, 78, 666
    Same thing for the last switch, it will remain layer 2 mode
    config t
    vlan database
    vlan 10, 78, 666
    int gi0/1
    switchport mode trunk
    switchport trunk allowed vlan add 10, 78, 666
    int gi0/2
    switchport mode trunk
    switchport trunk allowed vlan add 10, 78, 666
    Let me know if this works out or if it is not logical for you.
    -Tom
    Please mark answered for helpful posts

Maybe you are looking for