SLM2024 and VLANs

I am trying to understand what I am doing wrong here, if anything. I am trying to seperate a lab network into 2 vlans. The fist (vlan1) is the default management vlan which has a bunch of hosts on it including the WAN gateway host. All the ports on this vlan are set to untagged, yet will accept both tagged and untagged packets. This is the default, out of the box set up for this device. All hosts on this vlan use 192.168.0.0/24.
I added a second vlan, vlan2. I set two ports on this vlan. One I gave mobility over both vlan1 and vlan2 by setting the PVID to 1, which according to the manual simply tags all untagged packets to vlan1. I don't know why this feature exists, but I digress. This host is a bsd router with 1 Nic and on the nic I configured a vlandev or subinterface and gave it an IP for the vlan2 subnet(192.168.1.0/24). This worked fine and once I set up my routing I could talk from hosts on the default vlan(192.168.0.0/24) to the vlan interface on the router (192.168.1.0/24)
host-192.168.0.3--->router-192.168.0.254--->routers vlan_interface-192.168.1.1
The second vlan port on vlan2 I joined to the vlan with the "join" button. It is now a member of vlan2 exclusively. I set the the nic with 192.168.1.2/24 and pointed to the routers vlan_interface as the default gateway (192.168.1.1)
his host cannot even talk to the gateway, let alone pass traffic accross to vlan1. I have set uop similar network segments using smc and hp procurve gear but they provide a great deal more in terms of standard features. This time around I am stuck working with this slm2024 which is "supposed" to be able to do actually 802.1q properly yet seems to be missing the necessary feautes required to actually do the job. As far as my undertanding is concerned I need to set the switch port that feeds the layer3 bsd router as a trunk. This has always been the case regardless of switch yet this is not an option on the slm2024. Has anyone ever configured more than one vlan on these things and had hosts in either vlan communicate. To confrim this I bridged the vlandev on the router to a second nic I installed. Plugged that bridged interface into a dumb switch and plugged a host into the switch. I gave the host 192.168.1.2/24 and presto it could talk to the router on vlan2, and any host on vlan1 as well as passing traffic upstream to the internet. The minute I plug that host inot a switch port on the slm2024 that is a member of vlan2 it all goes to pot. Any feedback is appreciated.

the SLM series have all the ports set to general already.
if you need to set a trunked port on the SLM, all you need to do is member the port to all the VLAN you need and tag them accordingly with the native VLAN being the PVID.

Similar Messages

  • How do I add a Subnet and vlan with a catalyst 3550 and RV120

    Hello Friends.
    I have a scenario that i'm hoping i can get some help with. I'll be as detailed and descriptive as i can.
    This is for a business with 100 employees nodes and 100 camera nodes all needing IP internet through private addressing and public gateway.
    I have a business class gateway with a private range of 12 public addresses. Ther modem does nothing but act as a gateway since i have disabled the firewall and DHCP.
    In place of the firewall and DCHP from the modem i have installed a RV120 Firewall with VPN. When installing i replicated the IP scheme of the modem as to not disturb and distrup the devices assigned addresses from that scheme from the modem. I did this because the owner could not have any down time or any disruption to the business operations.
    The RV120 now acts as firewall , DHCP , and VPN. I'll address the subnet first. I's using 10.0.0.0/24 subnet range.
    DHCP is assigning 10.1.10.50 - 10.1.10.100 the rest are static and i plan to use static DHCP with the IP and MAC assigned to each static DHCP address.
    There are 100 cameras with static IP addresses in the range of 10.1.10.11 - 10.1.10.40, and 10.1.0.1.101 - 10.1.10.170.
    VPN uses PPTP assigned address 10.1.10.6 - 10.1.10.10.
    There are no layer 3 switches that i know of. Just a layer two that is the primary swith and ports have run out, and various out of the box switches and wireless access points connected to the primary switch.
    I want to implement subnets into the network and VLANS as well on a new Layer 3 switche from cisco. Thinking 3550 from Cisco or one of the older layer 2 switches with layer three capabilities.
    I also want to introduce a 192.168.0.0/24 IP range for the existing wireless network and segment the traffic from the rest of the traffic on other ranges.
    I want to replace the 10.0.0.0/24 DHCP alltogether and the static addresses for end user nodes on the same network, but keep that range just for camera nodes segmented.
    I want to implement a NEW end user IP range and VLAN for employee/guest networks using the 172.16.0.0/24 range.
    Iv'e thought of replacing all the wireless nodes with RV120's and use VLAN. Dont know if that strategy works. Need to think it through.
    I want the 192.168.0.0/24 IP range comunicate to with the 172.16.0.0/24 and possibly the 10.0.0.0/24 range.
    Any advice on how to do this?
    As a side note the next step after this is to install a server domain controller as all the computers are all stand alones in their own workgroups. It's a simultaneous project that will introdue a DCHP, WINS, DNS server.

    Hi Omid, it sounds like you're proposing the 3550 switch but you're not decided yet. The 3550 switch is a pretty old device and needs enhanced multilayer image. It may be more prudent to use a more current switch such as small business SG300 or SG500 as the feature set is more rich and it supports around 480 LAN connections.
    To answer the inquiry, the RV120W, when you create a VLAN it will automatically create an IP interface. From this you may assign subnet as you like along with 'enable or disable' for inter vlan routing. Since the RV120W has this feature, a layer 3 switch is not required unless you are looking to keep the routing load smaller by routing locally with the switch.
    With Catalyst or a small business switch you would need to create a VLAN. After creating the VLAN, on a Catalyst you can simply issue "switchport trunk encapsulation dot1q" on the desired interface and all VLAN will passage without issue. For a port connecting a user "switchport mode access" "native vlan xx" This will assign the port as untag member of the desired VLAN.
    If using a small business switch, it is slightly different, you still create the VLAN but the command issue is a bit different  "switchport trunk allowed vlan add xx" for the link to the router, where xx = the VLAN ID to tag to the router. For access client it remains the same as Catalyst.

  • Logical network to physical network mapping (subnets and VLANS) in SCVMM 2012 R2

    In much of the blogs, documentation and literature on VMM, there are examples of deploying multiple logical networks onto one physical network i.e. Cluster (logical) + Storage (logical) + Backup (logical) + Live Migration (logical) + Management
    (logical) on top of Datacenter (physical).
    Does this mean it would be possible to have one (physical) flat VLAN-less network with one subnet and then have all those logical networks (with subnets and VLANs) on top of it? Even with a simple unmanaged L2 switch that doesn't support VLANs itself?
    If not, just how do you map multiple logical networks to just one physical network? How does that work in practice? Is a L3 switch needed to route traffic between logical networks for example?

    Hi. VMM Networking may be overwhelmed for the most, at first. But you really need to understand the modeling here and how things are related to each other. Especially if using NIC teaming in WS 2012 (and R2) together with this mix.
    I suggest that you read the following whitepaper where we explain how to setup networking in VMM (also to support network virtualization, but that is absolutely not mandatory): http://gallery.technet.microsoft.com/Hybrid-Cloud-with-NVGRE-aa6e1e9a
    -kn
    Kristian (Virtualization and some coffee: http://kristiannese.blogspot.com )

  • WLC2112 with Guest / Web-Auth and vlan

    Hi
    I'm trying to configure my WLC with guest SSID and vlan 10.
    The security is only set to Web-auth, and it is all working if the guest network is set to nativ vlan (1) But it seems that the http(s)://1.1.1.1/login.html is not reacheble from the guest SSID/VLAN??
    Please help.
    Management IP Address 192.168.14.252
    Software Version 6.0.182.0
    Emergency Image Version
    I have tried with ver. 5.2 also -

    I think that 1.1.1.1 is only reachable from a wireless client during webauth. They should not be able to reach that address once they have passed through the web auth page.
    Don't know if that helps, or not.

  • Help with wireless controller and VLANs

    Hi I'm trying to setup a wireless controller in preparation for a large site go live later this year. I'm struggling to get the controller and the WLAN using the correct VLAN. I want the controller on VLAN 100 and the clients on the WLAN on VLAN 200.                 
    My thought is that I would need a config similar to:
    Switchport for wireless controller management port set to trunk VLAN 100 and 200 with no native VLAN set.
    The management interface on the controller set to VLAN 100.
    A dynamic interface created on VLAN 200.
    When setup like this I can get to the controller on its management address but only from VLAN100 not from another VLAN on site or from other sites over the WAN.
    I have setup a WLAN which is set to use the dynamic interface on VLAN 200.
    I have set the AP to use HREAP and set the native VLAN as 200 and added the dynamic interface into the VLAN mappings
    When I connecting a client to the WLAN I get an address on VLAN 100.
    The switchport for the AP is set to native VLAN 100 and trunk 200 – this setup works for standalone APs at other sites.
    What am I missing?
    Also any idea why the management interface address is not routing? The netmask and gateway are set correctly.
    Thanks
    Paul

    Just to add to Steve's post... You only need to create a dynamic interface for vlan 200 if you have ap's also in local mode.  If your ap's are in H-REAP/FlexConnect mode, you don't need a dynamic interface for vlan 200.
    In you H-REAP/FlexConnect ap, you would set the wlan to vlan mapping there and the switchport configuration would be a trunk allowing vlan 100 (im assuming your native vlan for your ap) and vlan 200.  You should see something like the following:
    Thanks,
    Scott
    Help out other by using the rating system and marking answered questions as "Answered"

  • VRF configuration on subinterface and VLAN subinterface

    Hi
    Can I configure VRFs on subinterface (physical and VLAN) basis in a normal BGP/MPLS VPN configuration.
    Thanks
    VK

    Hi Sultan,
    You are very welcomed, i'd be more than glade to help you out your confusion, below is the output of one of my lab PEs, and moreover i've in production customers running with this setup, i've never faced the issue you are describing, if you can regenerate the test you are describing we can elaborate on it:
    interface FastEthernet0/0
    no ip address
    interface FastEthernet0/0.1
    encapsulation dot1Q 101
    ip vrf forwarding a
    ip address 101.101.101.1 255.255.255.252
    interface FastEthernet0/0.2
    encapsulation dot1Q 202
    ip vrf forwarding b
    ip address 202.202.202.1 255.255.255.252
    This is a 7200VXR (NPE-300) running "c7200-p-mz.122-25.S14.bin".
    BR,
    Mohammed Mahmoud.

  • IPMP and VLANs

    I would like to have two NICs in IPMP configuration and public connections tagged with VLANs.
    I know the naming convention when one VLAN tag assigned to the physical NIC but I do not quite understand how to add multiple VLAN tags to one NIC and VLAN tags to pseudo interfaces.
    Here is the configuration I have:
    /etc/hostname.e1000g8
    netmask + broadcast + group ipmpgroup4 deprecated -failover up addif sunsolaris10-6 netmask + broadcast + failover up
    /etc/hostname.e1000g9
    netmask + broadcast + group ipmpgroup4 deprecated -failover up addif sunsolaris10-7 netmask + broadcast + failover up
    netmask + broadcast + group ipmpgroup4 deprecated -failover up addif sunsolaris10-12 netmask + broadcast + failover up
    netmask + broadcast + group ipmpgroup4 deprecated -failover up addif sunsolaris10-13 netmask + broadcast + failover up
    netmask + broadcast + group ipmpgroup4 deprecated -failover up addif sunsolaris10-14 netmask + broadcast + failover up
    ... and here how it looks like once configured:
    e1000g8: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu 1500 index 13
    inet 0.0.0.0 netmask ff000000 broadcast 0.255.255.255
    groupname ipmpgroup4
    ether 0:50:56:23:29:c8
    e1000g8:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 13
    inet 10.10.1.116 netmask ff000000 broadcast 10.255.255.255
    e1000g9: flags=9040843<UP,BROADCAST,RUNNING,MULTICAST,DEPRECATED,IPv4,NOFAILOVER> mtu 1500 index 14
    inet 0.0.0.0 netmask ff000000 broadcast 0.255.255.255
    groupname ipmpgroup4
    ether 0:50:56:24:f:2e
    e1000g9:1: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 14
    inet 10.10.1.117 netmask ff000000 broadcast 10.255.255.255
    e1000g9:2: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 14
    inet 10.10.1.118 netmask ff000000 broadcast 10.255.255.255
    e1000g9:3: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 14
    inet 10.10.1.119 netmask ff000000 broadcast 10.255.255.255
    e1000g9:4: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 14
    inet 10.10.1.120 netmask ff000000 broadcast 10.255.255.255
    Regards
    Leonid

    Does anybody familiar with setting up multiple VLANs tags on network interfaces in Solaris 10?
    Regards
    Leonid

  • AP541N cluster and VLAN

    Hi.
    Simple but not obvious question.
    I've added separated wifi for guest with VLAN ID 300. Now I have 2 more access points. They are in cluster but only one is connected to smart switch SLM2008.
    Should I need to connect all of them to smart switch? I do not understand how cluster and VLAN work.

    Hello Tomasz,
    Yes. I guess you need to connect all APs to the switch (same bridged network). Clustering only makes all your AP act as one single entity ( you don't have to connect to the second AP In a cluster separately. Same wireless configuration will do).
    Refer Clustering section under the below manual for further details:
    http://www.cisco.com/en/US/docs/wireless/access_point/csbap/AP541N/administration/guide/AP541Nadmin.pdf#page139
    Hope this helps,
    Vijay
    Please rate useful posts.
    Sent from Cisco Technical Support iPad App

  • Difference between bridge-group and VLAN

    Hi all,
    I don't understand very well the difference between bridge-group and VLAN...
    Could someone explain me or give me a site which could help me?
    Thx U by advance!

    Khay
    bridge-group is used on a router to enable bridging on an interface. In terms of functionality a bridge-group is very similar to a VLAN. For example if you create bridge-group 1 and assign it to interfaces FastEthernet 1/0 and 2/0 and you create bridge-group 2 and assign it to interfaces FastEthernt 1/1 and 2/1 it is like creating 2 VLANs. Devices in bridge-group 1 (interfaces 1/0 and 2/0) can communicate with each other but not with devices in bridge-group 2 (intefaces 1/1 and 2/1).
    HTH
    Rick

  • Aironet 1252 doesn't broadcast SSID and VLANs

    Best regards.
    I have an autonomus AP Aironet 1252 (software version: 12.4(18a)JA1)
    I configured 3 SSID and VLANs, but the AP doesn't broadcast SSID, the vlans are working fine because I tested configuring manually the hide SSID on laptops.
    Also the AP broadcasts the SSID whe only one SSID is configured!!!
    How I can do the AP to broadcast all SSIDs?
    Thanks in advance.

    From the command line of your AP.
    Change each SSID as follows.  You want to turn off "guest-mode" and enable "mbssid" at each SSID.  Guest-mode will only broadcast one SSID, you must use mbssid  to allow all SSIDs to broadcast.
    #config t
    #dot11 ssid
    #no guest-mode
    #mbssid
    Now from each radio
    #int d0
    #mbssid
    #int d1
    #mbssid

  • HSRP issues and flapping links and vlans

    Hi
    My network is having some issues to do with a certain vlan and HSRP. We have 2 x 6509 switches as the distribution switches and access layer stacks. HSRP is running between the 2 6509 switches.
    Solarwinds shows the following output when the issues occur
    29/11/2014 16:39:26 192.168.10.2 Warning 1166: 001179: Host 0060.d501.9bcf in vlan 101 is flapping between port Gi0/1 and port Fa0/1
    About the same time a number of ports on vlan 101 on an access switch start dropping and coming up again. This was followed by the two 6509 switches reporting a large number of vlans switch back and forth between active and standby state in HSRP causing considerable problems on the network. We pulled the plug on the access switch but it didn't resolve the problem.
    We had similar behaviour few days ago This time it continued until we shut down one of the 6509s. When we brought it up again la few hours later the problem didn't reoccur. The problem seems to be centred on our vlan 101
    Has anyone experienced these sort of issues before or give me a clue what the issue may be. Seems like issues with vlan 101 cause the hsrp states to change but vlan 101 is not used for hsrp.
    Thanks

    Hi,
    HSRP could be a victim here. Main issue could be related to spanning tree flapping or loop.
    HTH
    Amit

  • Apple USB Ethernet Adapter and VLAN??

    Bought the Apple USB Ethernet Adapter today because my built in ethernetport on my MBP stopped working. What I know I need to replace the motherboard to have it fixed, so I thought the USB adapter could be useful until then.
    But, it didn't work! I only got a "Self assigned ip-address". No matter what I do. I also entered an ip-address manually with no success.
    Later at home I tested again, and Voila!! It worked perfectly!
    Back at the office, same problem... I only get a "Self assigned ip-address"...
    My conclusion of this is that the Apple USB Ethernet Adapter doesn't support VLAN?? Could anyone confirm that or better of, suggest a solution??
    Would appreciate it a lot!
    PS. Yes we do have Wi-Fi, but it's restricted and is not a solution for me. DS.

    Create a new network location and try again.
    https://discussions.apple.com/thread/2624518?threadID=2624518&tstart=45

  • Configuring ssid and vlans on autonomous access point ?

    here is an a demonstration of how to configure vlans and ssid on a auto-ap , what i dont understand is when i configure the ssid under (interface dot11radio0) and the vlan under that command , why do i need to configure sub-interfaces for the "fastethernet" and the "dot11radio0" if i already configured it under the "interface dot11radio0" , why do i need the "encapsulation dotq x" ? and what is bridge-group ?

    If you want to use multiple SSID with multiple vlan, then you have to configure subinterfaces on Radio interfaces (in both Radio 0 & Radio 1 if you want to use both 2.4GHz & 5GHz band) & Ethernet interfaces.
    AP simply bridge wireless traffic to wired interface using these sub-interfaces. To specify which radio sub-interface traffic to map to ethernet sub-interface, a Bridge-Group number (1-255) is used.
    Bridge-Group 1 always used for native vlan traffic & usually used for AP management.
    HTH
    Rasika
    **** Pls rate all useful responses ****

  • 2 SSIDs and VLANs on each AP

    I'm new to configuring IOS wireless APs, in particular, a couple of 1142Ns in autonomous mode and looking for examples/answers. These APs will be connected to the POE ports on an ASA 5505 firewall. I'm also configuring the 5505.
    The requirements are that each AP have an "internal" and "external" SSID and each AP will have two VLANS.
    The APs should allow roaming between them.
    The internal SSID will allow full access to internal corporate networks and the Internet and will use WPA2. It will use the corporate dhcp server or employ the IOS dhcp server to hand out addresses.
    The external SSID will only have access to the Internet and will use WEP. The ASA 5505 will provide dhcp services to these clients.
    The two PoE ports on the ASA 5505 will be trunked for both the inside and dmz VLANS.
    If anyone has examples of any of these requirements, comments, and/or similar config they are willing to share, please post them.
    In particular, I would like to see an examples of the roaming config, VLAN config, SSID config, and WPA2 and WEP config.
    Thanks in advance.

    Hi,
    Cisco terms are sometimes Complex!! In English this means.. "broadcasting the SSID or NOT" if you want your laptop to detect the SSID while searching for wireless then this is called BROADCAST if not then NON-BROADCAST.. the command is.. Guest-mode under SSID config.. that is..
    en
    conf t
    dot11 ssid
    guest-mode                           >>>>>>>>>>>> Broadcasting the ssid
    end
    en
    conf t
    dot11 ssid
    no guest-mode                      >>>>>>>>>>>> Not Broadcasting the ssid (HIDDEN) MANUALLY WE NEED TO  ENTER THE SSID ON THE LAPTOP.
    end
    Lemme know if this answered your question..
    Regards
    Surendra
    ===
    Please rate the posts which answered your quiestion or was helpfull

  • ISE and VLAN assignment

    Hi All,
    Can ISE place a connection into a VLAN based on MAC address? (Both wired and wireless).
    Scenario is as follows:
    •- Users are wired and wireless, distributed around the campus. There are a dozen VLANs, one per closet, that are dedicated to users.
    •- Laptops are bad at least in the mind of the customer. So a laptop (wired or wireless) leaves the campus and returns; possibly with the plague.
    •- For each closet we want to create a “restricted” VLAN for bad laptops; and a “good” VLAN for desktop users.
    •- We have a list of all the laptop MAC addresses; and a list of all the desktop MAC addresses.
    •- Can we see the laptop MAC address logging in; and place that laptop into a relevant “restricted” VLAN, based on location?
    •- Likewise can we see all the other MAC addresses and place the user into a relevant “good” VLAN, based on location?
    Thanks for your comments!
    Andrew

    If you create a rule per location then yes.
    If a rule per location is not suitable then you could use one rule, which dumps them in to a vlan based on the vlan name, but then you obviously need separate vtp domains per location.
    Careful when you dynamically allocate vlans that you may need to change to port bounce for COA to allow DHCP to do its thing, which is a global setting up until version 1.2.
    Version 1.2 also has other flexibilities which might be useful to you (nested rules so I believe you may be able to have one rule with multiple profiles based on location), but I've not played with them too much yet.
    Sent from Cisco Technical Support iPhone App

Maybe you are looking for

  • CRM 5.0 - IC WebClient - Email Profile - (E-Mail Provider)

    Hi Gurus I'm getting an odd Internet Explorer error message when I launch the IC Webclient: Line:     52 Char:     13 Error:     ‘undefined’ is null or not an object Code:     0           The error occurs just after the Identify Account view displays

  • Aperture - Thread 10 Crashed Error - Does anyone know what this means?

    I'm trying to get Aperture to work. I have 2.1.3 installed and I'm using 10.5.7 on a 2.4 Dual Core MacBook Pro (2GB). The application crashes anytime I click on the "+" sign on the Projects or Adjustments tab. Then, I get a general error message that

  • System extension v.5 required ?

    I updated my quicktime but when I try to use it it gives a pop up that says\I need a quicktime system extension version 5 or higher and gives me the www.apple.com/quicktime site to get it but can't figure out what I need or how to install it HELP

  • How do I get my windows 8 computer to recognize my 6th gen ipod nano

    how can i get my windows 8 computer to recognize my 6th gen ipod nano?

  • SWF won't show up in IE7

    I tried to search for htis, but didn't find any solutions. I made a new page with a SWF in it, but it doesn't showup in IE7 when I view it. I have other pages that work, but just not this one. One that works in IE (with other issues) http://www.carra