SLM2008 to SG200-08 VLAN

Similar Messages

• SG300-28 & SG200-26 VLAN routing

  I have a SG300-28 and a SG200-24. Both are running the latest firmware.
  I am having some major issues getting mutliple vlans to route across the two switches.
  On the SG300 I am in Layer 3 mode. I have configured 4 vlans 192.168.1.0/24, 192.168.2.0/24, 192.168.3.0/24 and 192.168.4.0/24 (vlan 1-4). Each vlan interface is configured with .1 of the respective vlan.
  I have the SG200 connected to the SG300 via the last available port on each switch. They are set to trunk. I have created the VLANS on the SG200. 
  What I would like to do is set ports 1-4 on the SG200 to VLAN 2. Ports 7-12 on VLAN 3, and the rest on VLAN 4. 
  First off I am assuming this is possible. I have tried the configuration multiple ways, I've tagged ports, not tagged ports, etc. I'm not sure where to go from here.
  Any help would be appreciated.                   

  Hello Thomas,
  I am assuming you have created these VLANs on the SG300 (not just Layer 3 interfaces) as well. Also, the ports are automatically in Trunk mode. But you need to manually add VLANs that need to be tagged on those ports.
  http://sbkb.cisco.com/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=78
  If you have done all these steps, can you please be more specific on the issues you are facing?
  Regards,
  Nagaraja

• SG200-08 VLAN-trunk setting ignored after reboot

  Hi all,
  The ports on my SG200-08 are configured as follows:
  Port 1; VLAN 1+4; trunk
  Port 2; VLAN 4; access
  Port3-8; VLAN 1; access
  The config for Port 1 looks as follows: "switchport trunk allowed vlan add 1,4". The problem I want to point out here arises right after rebooting the switch; in the running config, the aforementioned line is now present as "switchport trunk allowed vlan add 4", i.e., VLAN 1 is missing in the trunk. The problem is reproducible every time I reboot the switch. At this moment, I assume it to be a bug in the firmware. This is a problem for me, since the switch's management VLAN is 1 and it gets its IP address (DHCP) over VLAN 1 as well.
  I have attached my startup config to this thread, as well as the running config exported right after reboot. In both of them, I've sanitized the rows on user accounts.
  Does anyone recognize this problem? Any suggestions on how to fix it?

  Hi chrebert,
  Thanks for your answer. You're right in concluding the VLAN 1 is my default VLAN. The problem is that the switch should contact my DHCP server over VLAN 1 and since the traffic on port 1 is not tagged, the traffic DHCP request will never reach my DHCP server. As a consequence, the switch always ends up with its factory default IP address (192.168.1.254) instead of the IP address assigned by the DHCP server. And yes, that's a problem
  So to summarize, when I configure tagged access for VLAN 1 on port 1 and write this to the startup config, it is indeed present in the startup config afterwards. However, the switch ignores this upon reboot, causing VLAN 1 on port 1 to feature untagged access.
  By the way, I completely set up the switch from scratch after restoring the config to factory defaults. It would be great if you could try to reproduce the issue and hopefully come with a fix. In case you need more information, please don't hesitate to contact me.

• Cisco sg200 voice vlan dhcp issue

  i have cisco sg200 50p connected to cisco 3750 switch. i just wanted to separate voice (vlan2) and data (vlan1) VLANS. I created vlan 2 as my voice VLAN and separate dhcp server for vlan 2 to give ip addresses to phones. however the ip phone connected to my voice vlan (vlan 2) is not receiving ip address from my dhcp server in vlan 2.
  the dhcp server is connected to 3750 switch with an access port (vlan2-voice)
  two switches are connected via trunk ports and allowed vlan 1&2
  ip phone is connected to sg200 via access port (vlan 2) - 
  note - there is no pc connected to ip phone
  I really appreciate if anyone can help me with this issue

  Hi Tom
  Thank you for the support. The phone is now getting the IP from the DHCP on its own VLAN (vlan2 )  according to  your configuration. However i need to configure the auto voice VLAN based on OUI feature which is in SG200 switch. 
  The problem is, the switch not allowed me to configure auto voice vlan feature when the port connected to IP phone is in ACCESS mode (it has to be a trunk). I know according to cisco catlyst guidelines this is totally incorrect bcz they say  "Voice VLAN is only supported on access ports and not on trunk ports, even though the configuration is allowed"
  I think its not valid for Small business switches . Anyway, when i make the said port  TRUNK it works (by assigning 1U & 2T- automatically).But the phone does not  get an IP address from my DHCP server then. 
  Can you help me with this if I am missing some configuration. Thank you once again

• SG200-50 VLAN Intercommunication

  Hello
  Given SG200-50 don't have CLI, how can I create VLAN but make sure they're able to connect together?
  I have a Cisco router already connected to the switch. Is is necessary for the VLAN to talk to each other? Can the switch do that on its own? Do I need another router to do it?
  Thanks! :)

  Hi Dan, the SG200 switch is a layer 2 device. This means if you'd like the VLAN to communicate to one another a router or layer 3 device would have to do this for you. By nature, VLANS do not talk to each other. A routing device must accomplish that for you.

• Sg200-sg300 vlan help

  I am experimenting with a setup carrying vlan's to other parts of a building through switches.
  My current config doesn't work. Anyone care to lend some brainpower?
  Here is a crude drawing. https://dl.dropboxusercontent.com/u/45775353/nc-vlan-lab.pdf
  Basically I want to give devices access to Vlan's 10,20, and 30 on another side of the building. We have LAG groups tagged with each vlan going to each switch. On the final switch we are using general instead of trunk port settings for the last mile to the wap.
  I tried it with access, and ingress filtering on/off. Nothing worked.
  I am obviously missing something.

  It would be nice if they showed you all the memberships in the same screen. It does look like that for the LAG group.

• VLAN problems with SG200-8P and Cisco ASA 5505 (Sec Plus license)

  Hi,  I've been pulling my hair out trying to get simple vlan trunking working between these devices.
  Basically, no clients on VLAN 99 (guest) will receive DHCP ip addresses when plugged into the SG200.  I have the SG200<>ASA VLAN trunk configured correctly, as I know it, and I've tried numerous variations (set trunk as general tag/untagged, etc., set the ap port to general tag/untag, etc).   Both AP's work properly when connected to the ASA e0/3 port but either will only pull the "inside" VLAN dhcp address when connected to the SG200 switch
  VLAN 1 - inside (has separate dhcp scope assigned by ASA)
  VLAN 99 - guest (has separate dhcp scope assigned by ASA)
  SG200
  purpose
  ASA 5505 (Sec Plus license)
  purpose
  g2
  Trunk 1UP,99T
  Ubiquiti AP (VLAN 1 works, VLAN 99 does not
  g3
  Access port 99T
  vlan 99 does not work
  g8
  Trunk 1UP, 99T
  < Trunk between switch and ASA >
  Int e0/2
  switchport trunk allowed vlan 1,99
   switchport trunk native vlan 1
   switchport mode trunk
  Int e0/3
  switchport trunk allowed vlan 1,99
   switchport trunk native vlan 1
   switchport mode trunk
  Second ubiquiti AP
  Both VLAN 1 and VLAN 99 clients work properly

  Frustrated - yes.  Confused - maybe not as much, but I could have put some more effort into the overall picture.
  There are two VLANs (1 - native) and (99 - guest).   There is a trunk port between the SG200 and the ASA configured as 1-untagged 99 - tagged.    
  No clients connected to the SG200 on VLAN 99  are able to access the ASA VLAN 99 using either a static VLAN IP address or DHCP.   The problem occurs whether I configure the SG200 with an access port 99-tagged or Trunk port 1UP, 99T or general port 1U, 99UP or any combination thereof.
  Anything connected to the SG200 on the native VLAN works properly.
  Anything connected to the ASA VLANs (1 or 99) works properly
  I have not yet tried to see what the switch is doing with the VLAN tags but I suspect I have some mismatch with the Linksys/Cisco SG200 way of setting up a VLAN and how traditional Cisco switches work.
  I was hoping someone with a working SG200 - Cisco ASA setup could share their port/trunk/VLAN settings or perhaps point me in the right direction.
  SG200 g2 - trunk port (1UP, 99T) -- Access Point
  SG200 g2 - access port (99U)
  SG200 g8 - trunk port (1UP, 99T)  connected to ASA5505  e0/3  
  ASA5505 e0/3  (switchport trunk allowed vlan 1,99,  switchport trunk native vlan 1,  switchport mode trunk)
  Thanks,

• SG200 vlan trunking?

  Hello,
  does SG200 supoort VLAN Trunking?

  Hello, I think there is support:
  I found this site too which shows how to configure it: http://lachlanmiskin.com/blog/2012/08/01/cisco-sg-200-08-trunking/
  Cisco's datasheet says it supports tagging 802.1q.
  http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps11229/data_sheet_c78-667827.html
  Hope this helps.
  Please rate useful posts and remember to mark any solved questions as answered. Thank you.

• RV042G and SG200-18 Failed to work

  1) SG200-18 configuration
  - VLAN 10 and 20
  - VLAN 10: Port 1 tagged, Port 14 untagged
  - VLAN 20: Port 1 tagged, Port 13 untagged
  - Port 1: 1UP, 10T, 20T Admit tagged PVID 1
  - Port 14: 10UP Admit untagged PVID 10
  - Port 13: 20UP Admit untagged PVID 20
  Port 1 connected to Fiber ONT (On VLAN 10), Port 14 connected to RV042G WAN.
  Once RV042G LAN connects to SG200-18 (VLAN 1) port, RV042G WAN unable to get public IP and internet connection gone, port 14 showing "Discarding" under "Spanning Tree"
  Can anyone help?

  Thanks Dave for long long explanations!!!
  Here's my answer in RED:
  Hi Lian,
  You said the SG200 is a layer 2 router, it's a layer two switch. But this brings up a point which is,  Tom anf myself may be slightly misinterpreting your post.
  So I am going to ask a couple of questions  to better understand the setup.
  Does the ONT really transmit out  TAGGED VLAN frames  to my switch or does it only transmit to my switch untagged Ethernet frames. 
  1.    A way to test this , is can your PC plug into the ONT and get internet connectivity ?
  [lwloo]Yes, it transmit TAGGED VLAN, 10 for internet, 20 for TV, 30 for Phone. By connecting laptop without setting NIC virtual interface you will not get the internet ip address.
  2.    I'm guessing the ONT is just a Internet connection from SINGTEL for Internet connectivity, am I correct ?
  [lwloo]Yes, ONT is the Optical network terminal for Singtel Fiber internet connection.
  You show in your orginal post the following vlan configuration ;
  1) SG200-18 configuration
  - VLAN 10 and 20
  - VLAN 10: Port 1 tagged, Port 14 untagged
  - VLAN 20: Port 1 tagged, Port 13 untagged
  - Port 1: 1UP, 10T, 20T Admit tagged PVID 1
  3.    Is the diagram further up this post  correct or should VLAN1 be really  VLAN10 ?
  [lwloo]Sorry, my mistake on that diagram. LAN1 refer to port 1. The actual diagram:
  If the ONT presents you with just a copper  ethernet connection of untagged frames, i think the configuration of GE1 on the switch is wildly  incorrect.
  4.    Why do you have unagged vlan 1 on port GE1 ?
  [lwloo]If I remove vlan 1 from GE1, it be become internal vlan with 4095P added automatically.
     5    Why do you have tagged VLAN 20 on the GE1 (connection to ONT)  What is the purpose of VLAN20 ?
  [lwloo]VLAN 10 for internet, VLAN 20 for TV, VLAN 30 for Phone, VLAN 40 for Management.
  VLAN mode on GE1 is real suspect, in fact I cannot understand why you are using general mode on your switch ports. .
  [lwloo]Without choosing general I will not be able to choose “Admit Tagged Frame”; if I choose trunk, all option will be grayed out.
  VLAN interface General mode can be disruptive, as you have seen from your results, have a look at the description from the built in admin guide by pressing the help icon in the top right hand corner of your screen.
  here is a acopy of the help text from my SG300 series switch.
  Interface VLAN Mode—Select the interface mode for the VLAN. The options are:
  •    General—The interface can support all functions as defined in the IEEE 802.1q specification. The interface can be a tagged or untagged member of one or more VLANs.
  •    Access—The interface is an untagged member of a single VLAN. A port configured in this mode is known as an access port.
  •    Trunk—The interface is an untagged member of one VLAN at most, and is a tagged member of zero or more VLANs. A port configured in this mode is known as a trunk port.
  Arghhh  that always raises a warning sign.  General mode allows a untagged switch port to be members of many VLANs..wow... useful if you are using radius to allocate a VLAN to a 802.1x PC client, but it seems dangerous in your application.
  Why is GE1 of the switch in General mode, why not leave all ports  in the default trunk mode    it's safer
  [lwloo]I will try later.
  (note: trunk mode allows for one untagged VLAN by many tagged VLANs )
  If the ONT transits untagged frames to the switch and is just a Internet connection.the try the following steps to get the Internet to the wan port of the RV042G.
  [lwloo]No, if ONT transits untagged frames then life will be much more easier. 
  step 1.  OK leave the ingress port GE1 in trunk mode, in fact all ports to trunk mode.
  step 2.  Add vlan10  as untagged member of  GE1. (you may have to exclude VLAN1)
  Step 3.  Make switch port GE14 a untagged member of VLAN10  ( you may have  to exclude VLAN1 from GE14.)
  If the ONT is transmitting multiple tagged VLANS into your network the above three steps wont work.
  So lets see some answers to my questions above, as i think i can spot a configuration issue if my assumptions are correct.
  Regards Dave

• Help with VLANs on SG200-18 and two SG200-08 switches

  Hi everybody. My apologies but I'm only average at best with my CISCO skills. I have simple setup running a few network devices connected via 3 CISCO switches. It's small office and there are two rooms - one with servers and one with printer and pc's. Each room has 8-port SG200-08 switch.
  Router/ firewall is Sonicwall TZ215 and it handles internal routing between VLAN's. Each SG200-08 was connected directly to TZ215 (no SG200-18 yet) and VLANs were working perfectly. Please see diagram below...
  Problems started when I added in the middle larger SG200-18 to handle extra devices. Whatever I'm doing wrong but I can't make VLANs work anymore. Something I'm not setting up correctly in SG200-18.
  Please help me to setup VLANS here - tagged, untagged, PVID, trunk........ I'm completely lost and already had to reset SG200-18 twice.
  My working setup without 18 port switch was like this.
  SG200-08 (1)
      g1  Trunk  1     1U,100T 
      g2  Trunk  1     1U   
      g3  Trunk  1     1U   
      g4  Trunk  1     1U   
      g5  Trunk  1     1U   
      g6  Trunk  1     1U            SERVER3    
      g7  Trunk  100   100U      SERVER1
      g8  Trunk  100   100U      SERVER2
  SG200-08 (2)
      g1  Trunk  1     1U,50T,200T   
      g2  Trunk  1     1U   
      g3  Trunk  1     1U   
      g4  Trunk  1     1U           PC1A
      g5  Trunk  1     1U           PC1B
      g6  Trunk  50    50U        PC2A
      g7  Trunk  50    50U        PC2B
      g8  Trunk  200   200U     NETWORK PRINTER
  Thank you in advance.

  Hello,
  Small switches would remain untouched but 200-18 needs to have the following settings:
   g15 Trunk  1     1U,100T 
   g16  Trunk  1     1U,50T,200T
   g17 Trunk  1     1U,50T,200T
   g18 Trunk   1      1U,50T,100T,200T
  Sonicwall now would have only one port connected to SG200-18 with settinngs matching port g18 on big switch.
  If you notice there is a change as now you would have only 1 port connecting your network to the Sonicwall, would advise you to use port 17 or 18 since they are uplink ports.
  If you have tried to connect two ports to big switch STP would block one of the ports.
  Let me know how it is going :-)
  Aleksandra

• Setting Up VLAN and QoS for VOIP on SG200-18

  We recently purchased the SG200-18 smart switch to replace a Netgear unmanaged switch. We're moving our phone service to VOIP through our local ISP as well. 
  I've currently got the VOIP phone plugged into Port 17 on the SG200-18 (it's a Grandstream cordless VOIP phone).
  I want to put the VOIP phone on a separate VLAN from the rest of the network and optimize the QoS settings so that the VOIP phone has exceptional audio quality even during intense network traffic.
  Here's my questions:
  1. Do I need to adjust anything on the type of port for Port 17 (since it looks like some form of Combo port)?
  2. How do I go about isolating the VOIP phone on it's own VLAN (I'm seeing VLAN and Voice VLAN settings, not sure which one to use; I tried setting a VLAN and broke Internet connectivity to the phone until I went in and removed it)?
  3. Do I need to adjust any QoS settings on the switch to better optimize the VOIP phone?
  A couple of additional questions about the GS200-18 in general:
  1. Do I need to adjust any of the System Time Settings on the switch? I'm in Central Time.
  2. Do I need to adjust any of the Green Ethernet/Energy Saving settings or should I stick with the defaults?
  Also, a couple of "getting started" side questions to Cisco:
  1. I've registered a My Cisco account. What do I need to do to register my switch with Cisco and associate it with my My Cisco account?
  2. What are the benefits of taking out a Cisco Small Business Support Contract, and about how much would it cost on the SG200-18 (I ordered it from Provantage)? I'm curious to see if it's worth the money.
  Here's my "specs":
  Switch: SG200-18
  VOIP phone: Grandstream DP715 and 710 expandable handsets
  Plugged into: Port 17 on the SG200-18
  ISP: Local ISP (Direclynx)
  Connection type: 3M down/500k up DSL, moving to a wireless connection coming up which will give us faster speeds
  VOIP backend provider: VOIP Innovations
  Router: Apple Airport Extreme AC model (I run all Macs and iOS devices and OS X Server on the network, so using the Apple router makes setup easier, since it doesn't QoS, trying to QoS and VLAN at the switch level)
  Thanks everyone!

  Hello,
  Lots of different questions here so I'll try to make sure I don't miss anything.
  1. Do I need to adjust anything on the type of port for Port 17 (since it looks like some form of Combo port)?
     The way the combo ports work is you can either use the SFP slot for a fiber connection or the copper ethernet port, but not both at the same time.  Other then that they just function as normal network ports.
  2. How do I go about isolating the VOIP phone on it's own VLAN (I'm seeing VLAN and Voice VLAN settings, not sure which one to use; I tried setting a VLAN and broke Internet connectivity to the phone until I went in and removed it)?
     It sounds like you created the VLAN correctly and assigned the phone, however there wasn't anything doing any routing for that VLAN.  You would need to have a VLAN capable router or a layer 3 switch so that something would act as the default gateway for the voice VLAN and route the traffic for you.  Since there was nothing like this your phone lost it's connectivity to the internet when you placed it in the new VLAN.  I don't think the Airport is VLAN capable, but we will come back to that.
  3. Do I need to adjust any QoS settings on the switch to better optimize the VOIP phone?
     Once you have a seperate VLAN setup for the phone properly you only have to tell the switch what your Auto Voice VLAN is going to be and it will automatically apply recommended QoS settings for the Voice VLAN and prioritize the voice traffic.  There are ways to do this manually and even with the phone in the same VLAN however the are considerably more complicated.
  1. Do I need to adjust any of the System Time Settings on the switch? I'm in Central Time.
     The system time isn't always very important.  You can set the correct time zone, however you should know the switch does not have a battery in it to keep track of time, so if/when it reboots or loses power the clock will reset.  If you would like the switch to maintain accurate time you should setup an NTP server so the time is automatically updated from the internet.  The switch will keep your timezone settings once you save them.  Time is mostly important for logging and things like that, so you can configure it if you like but it is not necessary.
  2. Do I need to adjust any of the Green Ethernet/Energy Saving settings or should I stick with the defaults?
     Green ethernet simply reduces the power usage of the switch slightly, so unless you are having odd issues where ports are disconnecting, I would just leave them at the defaults.
  1. I've registered a My Cisco account. What do I need to do to register my switch with Cisco and associate it with my My Cisco account?
     There isn't really a way to associate your Small Business devices with your Cisco account.  If you ever call in for technical support we will use your Cisco account and your serial number to create a support case, but even then they aren't linked together.  If you decide to buy a support contract, that will be linked to your switch's S/N and your Cisco ID, so in a way that would associate them together.  Devices being associated with Cisco accounts is something more common with Enterprise equipment, and mainly has to do with technical support cases.
  2. What are the benefits of taking out a Cisco Small Business Support Contract, and about how much would it cost on the SG200-18 (I ordered it from Provantage)? I'm curious to see if it's worth the money.
     There are a few advantages to a Support Contact.  Your switch comes with a Limited Lifetime warranty that includes 1 year of technical support and return to factory hardware.  With a service contract you get 3 years of technical support and next business day Advanced Replacement of the switch if it need to be replaced.  I just did a quick google search, and it looks like a contract (part #CON-SBS-SVC2) costs about $50.
  So there are a few other things to consider however.
  As a frame of reference the average VOIP call uses about 64 - 128 kbps max.
  Since you don't have a VLAN capable router or a layer 3 switch, a separate voice VLAN may not be an option.   You also mention that the Apple Airport does not do QoS, meaning we will only be prioritizing the voice traffic while it is on the switch.  When it is passed off to the Airport to be routed out to the internet all of the QoS settings will be lost, and normal network traffic will get the same priority as voice, since that is all up to the Airport.
  With one phone the hassle of getting more equipment and setting up advanced QoS isn't really worth it, especially if the link to the internet isn't going to be participating in QoS.
  One last thing I wanted to mention is you are switching to a wireless internet connection.  I would ask them how their latency and jitter is, as these two network statistics greatly effect voice quality, and usually wireless performs worse when it comes to voice traffic.
  I hope this information helps, if you have any more questions just let me know.
  Thank you for choosing Cisco,
  Christopher Ebert - Network Support Engineer 
  Cisco Small Business Support Center

• Sg200 vlan and qos

  Hello,
       Looking for best practice setup for this network I have three buildings networked together at layer2 have three swiches 2x sg200-24
  and one sg200-18. The middle building is the one with voip phones. On the other two buildings on each end I have pbx's that mark tos bit with '5'
  and voip cards in pbx's do not have vlan capabilites nor mark dscp. However in the middle building the phones have vlan marking and dscp. So have successfully made communication with setting voip cards on port 2 in the end buildings untagged on vlan 10. and middle building  tagged on vlan10 with vlan1 for downstream pc's hooked to phones (using trunks to phones) 10t 1U.
       My question is how to implement qos. The equipment does not have lldp advertising? Ideas would be apprecitated. I should mention that my idea is to use the oui's. The voip cards are marking tos bit with value '5' but the again voip cards do not support dscp. Not clear on best method for this.
  Mike

  Hi Mike, the SG 200 supports LLDP med. Here's a document I wrote for the SX300
  https://supportforums.cisco.com/docs/DOC-27005
  It's pretty much identical to the SX200.
  If you will keep the phones connected to a port and not move them, you can probably use the QoS  function of the switch, manually set the QoS configuration on the port then over ride ingress DSCP (much more aggressive, but cool) which can be found on the Quality of Service tab.
  -Tom
  Please mark answered for helpful posts

• SG200-26: dynamic VLAN - 802.1X

  Last week I got my SG200-26 (SLM2024T-EU). The Data Sheet says, that the switch works with dynamic VLAN assignment over 802.1X.
  IEEE 802.1X
  (Authenticator role)
  802.1X: RADIUS authentication and accounting, MD5 hash
  Supports time-based 802.1X
  Dynamic VLAN assignment
  The authentication on freeRADIUS works. I client could get access to the network after entering username and password but the client is not assigned to a VLAN. I used wireshark to sniff the authorisation process between the switch and the freeRADIUS server and the VLAN information were transmitted to the switch.
  I would appreciate if some could give me some help how to configure the switch to work with dynamic VLAN assignment and freeRADIUS. If you need some more information, please let me know. I will add them here as far as possible.
  Thank you very much!
  Alexander
  Edit

  Hello Nico,
  Thank you for your reply.
  I will show you my scenario a little more in detail and explain, what I have configured:
  I have got one server/router with a VLAN capable NIC connected to Port g1 on the switch. On the router I created 2 VLANs with VLAN-ID 5 and VLAN-ID 6.
  Both VLAN "NICs" have a static IP address and there is running a DHCP server for each VLAN. On the same server there is runninga freeRADIUS server.
  Now I did the following configuration on the switch:
  1. I assigned a static IP on the switch.
  2. SECURITY -> RADIUS:
  I added the RADIUS Server IP address and the key string (same on switch and freeRADIUS) and I ticked Usage-Type: 802.1X
  3. SECURITY -> 802.1X -> Properties
  Port-Based Authentication: Enabled is ticked
  RADIUS
  4. SECURITY -> 802.1X -> Port Authentication
  Administrative Port Control: Auto is ticked
  5. VLAN-Management --> Create VLAN
  VLAN-ID 5
  Descr. VLAN5
  VLAN-ID 6
  Descr. VLAN6
  I think, to this point the configuration is correct, isn't it ?
  I would appreciate very much, if you could give me advice for the further steps like Port Mode Access, Trunk or General for the clients which connect to the switch and if tagged or untagged.
  I have port g1 in trunk mode and VLAN5 and VLAN6 is tagged because my NIC is VLAN capable. But the other clients which connect to the switch do not have a VLAN capable NIC and these clients should get their VLAN assigned dynamically.
  I attached the pcap file which contains the authentication between freeRADIUS and the SG200-26 (Port g1)
  Thank you very much in advance!
  Alexander

• SG200 Small business switch - vlan issue

  I have the wonderous task of remotely configuring a few SG200 small business switches.
  I need to create a vlan and move a few ports into that vlan, doesn't sound too difficult.
  I have created the vlans but when I go to add the ports into the vlan the only option I seem to have is General?
  If I specify access I can't say what vlan the port should be in?
  What am I doing wrong?
  All ports are currently in VLAN 1 and are in mode trunk
  I have created 2 new vlans and just want to put 4 ports in VLAN 2 and 4 ports in VLAN 4
  Can anyone impart any wisdom?
  Thanks
  Roger

  Hi Roger,
  Did you try this guide?
  http://sbkb.cisco.com/CiscoSB/Loginr.aspx?login=1&pid=2&app=search&vw=1&articleid=80
  Are you configuring it from GUI or CLI ?
  Regards
  Mariusz

• Passing voice and data Vlans on Cisco SG200-08P help

  Hello All,
  I'm struggling with a configuration issue on the Cisco SG200-08P.
  We are using the Cisco SG200-08P on a mobile cart that will go from class room to class room that will have computer and cisco Voip phone plugged into it. The issue is that each of our closets are in differnt VLANS ( 1 voice and 1 data....lets say data vlan 20 and voice vlan 2025 for conversation) and that we route to each closet.
  It would be great if I could just create a generic data and voice vlan to dynamically pick up what the upstream switch has however, it seems that I've been unsuccessful in doing so.
  So far I can pass the data Vlan no probablem. The upstream switch port is set to access port and a switch port access voice vlan (these are 3750x switches)
  If the above is not possible I guess I will take what I can get. Should I just create data vlan 20 and voice vlan2025 on the Cisco SG200-08P and make a trunk port on the Cisco SG200-08P and a trunk on the 3750x? Is there an option on the Cisco SG200-08P to tag voice traffic?
  I'm also concerned with VTP and I did not see an area in the Cisco SG200-08P to set that as a client and transparent mode.
  Thanks for any help,
  Dan

  On a Catalyst switch, when a port is defined as a trunk without a vlan specified on the port, all vlan pass through the port. On a small business switch it is nearly the opposite. You must specify the vlans on the links. Additionally, ingress filter discards anything not associated to the port.
  802.1q specifies there must be an untagged vlan which is the native vlan (of course you can make exceptions, tagging the default vlan..).
  One thing I did in the past with a 2960, I made an LLDP network policy and it basically "provisioned" the downstream switch connecting link and voice vlan. That may be another idea for you.
  Here's a link that may be useful-
  https://supportforums.cisco.com/message/3811376
  Here is the 2960 config I used to feed a SB switch voice info
  Switch#show run
  Building configuration...
  Current configuration : 2206 bytes
  ! Last configuration change at 00:41:16 UTC Mon Mar 1 1993
  version 12.2
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname Switch
  boot-start-marker
  boot-end-marker
  no aaa new-model
  system mtu routing 1500
  vtp mode transparent
  network-policy profile 1
  voice vlan 100 cos 4
  spanning-tree mode pvst
  spanning-tree extend system-id
  vlan internal allocation policy ascending
  vlan 2
  name test
  vlan 100
  lldp run
  interface FastEthernet0/1
  network-policy 1
  spanning-tree portfast
  interface FastEthernet0/2
  interface FastEthernet0/3
  interface FastEthernet0/4
  interface FastEthernet0/5
  interface FastEthernet0/6
  interface FastEthernet0/7
  interface FastEthernet0/8
  interface FastEthernet0/9
  interface FastEthernet0/10
  interface FastEthernet0/11
  interface FastEthernet0/12
  interface FastEthernet0/13
  interface FastEthernet0/14
  interface FastEthernet0/15
  interface FastEthernet0/16
  interface FastEthernet0/17
  interface FastEthernet0/18
  interface FastEthernet0/19
  interface FastEthernet0/20
  interface FastEthernet0/21
  interface FastEthernet0/22
  interface FastEthernet0/23
  interface FastEthernet0/24
  interface FastEthernet0/25
  interface FastEthernet0/26
  interface FastEthernet0/27
  interface FastEthernet0/28
  interface FastEthernet0/29
  interface FastEthernet0/30
  interface FastEthernet0/31
  interface FastEthernet0/32
  interface FastEthernet0/33
  interface FastEthernet0/34
  interface FastEthernet0/35
  interface FastEthernet0/36
  interface FastEthernet0/37
  interface FastEthernet0/38
  interface FastEthernet0/39
  interface FastEthernet0/40
  interface FastEthernet0/41
  interface FastEthernet0/42
  interface FastEthernet0/43
  interface FastEthernet0/44
  interface FastEthernet0/45
  interface FastEthernet0/46
  interface FastEthernet0/47
  interface FastEthernet0/48
  interface GigabitEthernet0/1
  switchport mode trunk
  interface GigabitEthernet0/2
  interface Vlan1
  no ip address
  interface Vlan100
  no ip address
  ip http server
  ip http secure-server
  logging esm config
  line con 0
  line vty 5 15
  end
  Switch#
  -Tom
  Please mark answered for helpful posts