VLAN Setup for VMware

I'm new to creating VLANs on a Cisco switch, and I'm trying to create VLANs using the SG 300-10 for a VMware environment. I'd like to use Virtual Switch Tagging on the ESX hosts, so I can use many VLANs over few physical NICs. Plus using VST, I can just specify the VLAN ID (setup on the physical switch), on the port group for each VLAN.
I've changed the SG 300 to layer 3, as I'd like inter-routing between my VLANs. This is the type of setup I'm looking for:-
VLAN1 - Default
VLAN 10 (192.168.10.1) to 20 (192.168.20.1) linked to ports GE3 & GE4. I've connected port GE3 to ESX1 (vmnic2) and port GE4 to ESX2 (vmnic2)
The problem is when I check my physical network adapters (i.e. vmnic2) in vSphere, the IP Ranges for observed traffic in every VLAN specified for the configured port are not showing (i.e. networks 192.168.10.1 to 192.168.20.1)
I have attached screen captures of all my setup & configuration so far, I'm obviously making a mistake...
Could someone please advise what I'm missing?
Thank you

Similar Messages

VLan setup for a 2950 and 2611

Im trying to setup a real basic VLan setup for 1 2950 switch. I would like to have 3 Vlans on it including the default Vlan. So my understanding is that for all 3 of the VLans to talk to each other I will need a router to be the layer 3 device that routes the Vlans.
On my 2611 it looks like this:
interface Ethernet0/0
no ip address
full-duplex
interface Ethernet0/0.1
encapsulation dot1Q 1 native
ip address 172.16.10.1 255.255.255.0
no snmp trap link-status
interface Ethernet0/0.2
encapsulation dot1Q 2
ip address 172.16.20.1 255.255.255.0
no snmp trap link-status
interface Ethernet0/0.3
encapsulation dot1Q 3
ip address 172.16.30.1 255.255.255.0
no snmp trap link-status
Then my 2950 looks like this:
interface FastEthernet0/1
description Connection to router
switchport mode trunk
speed 10
duplex full
interface FastEthernet0/2
switchport access vlan 2
interface FastEthernet0/3
switchport access vlan 3
interface Vlan1
ip address 172.16.10.2 255.255.255.0
no ip route-cache
ip default-gateway 172.16.10.1
Ok so as it currently stands the switch and router will not talk to each other at all. From the switch I can not ping the router and vice a versa. If I plug a laptop into one of the ports using VLan1 I can ping the switch IP 172.16.10.2 but obviously can not ping the default gateway which is the router...
I didnt think this looked very hard but for some reason it does not want to work for me at all...
Any ideas?
LR

I have two things you might try. First set your trunking interface on your switch to auto.
interface fastethernet 0/1
speed auto
duplex auto
This will help to make sure that the ethernet on the 2611 will negotiate the duplex with the switch. I've had issues with 2611's trying to do full duplex on there ethernet ports.
Another Option turn on CDP on your router and switch and do a show cdp neighbor to make sure there plugged into the right ports.
Three you could move the vlan 1 ip address on the 2611 to the main interface. Example below. Then try pinging the switch. Your other tagged vlans should still work at that point. Also if you have multiple switches make sure to setup Vlan Trunk Protocol see NOTE A.
no interface Ethernet0/0.1
no encapsulation dot1Q 1 native
no ip address 172.16.10.1 255.255.255.0
no snmp trap link-status
interface Ethernet0/0
ip address 172.16.10.1 255.255.255.0
NOTE A
Add the following commands to each switch to setup your Vlan Trunk Protocol. These are pretty much the minimum amount of commands you can use to setup VTP.
vtp domain CISCO1
vtp version 2

SG300 recommended setup for single vlan

I have 4 SG300 switches running in their default configuration.
I have a single subnet and have been working just fine.
I tried expanding my subnet from a /24 to a /23 but am having trouble communicating between old and new parts of the subnet. Pings to the new part of the subnet work once or twice then stop.
What kind of setup is recommended for this? Apparently the default config is blocking traffic to the new addresses, but I don't know why.
I did verify that putting a single dumb switch in place fixes the problem. I thought the default config fo these switches basically acts like a dumb switch, but I guess not.
I also noticed that when pings stop going, if I look at the arp -a on the source PC, the MAC of the destination is a single Cisco brand Mac for ALL the devices on the new part of the subnet.
I do understand IOS Vlan setups, but I'm consfused by the GUI terminology. And don't know whether I can just continue using the single default VLAN or if I should create a new one.

Hello Chris,
One thing that stood out to me was you said you are unable to ping from the old part of the subnet to the new, by that do you mean from clients still in the /24 to the /23? Because they won't be able to communicate with each other unless the switch has a default gateway configured. The switch doesn't do any routing, so it has to send traffic for a different subnet to some sort of router that knows where that other network is.
There is a setting under Administration > Management Interface > IPv4 Interface. After you setup a static IP for the switch and change it's prefix length to 23 you can specify a default gateway for the switch. At that point (assuming your router is setup correctly) you should be able to ping from the /24 to the /23 addresses.
I got this info from page 257 of the admin guide, where there is a note about inter-subnet communication. That guide is available here:
http://www.cisco.com/en/US/docs/switches/lan/csbms/sf30x_sg30x/administration_guide/78-19308-01.pdf
I'm assuming however you will eventually be transitionin your entire network to /23, in which case just make sure everyone is on the same subnet mask and they will be able to communicate just fine, even without a router.
Hope that helps, but if I got something wrong somewhere let me know and I will take another look.
Christopher Ebert
Network Support Engineer - Cisco Small Business Support Center
*Please rate helpful posts*

VLAN tagging for Desktops

I have a test VDI 3.1.1 system set up and I have to say, I'm quite impressed. In about a day, I was able to serve Windows 7 desktops, something we can't do with our current VMware View setup. One apparent limitation I have run into, however, is 802.1q VLAN tagging support for Desktop NICs. I have created a 2-way aggregate on nxge0 and nxge1. The portchannel these are connected to is set up for 802.1q tagging, and Solaris is plumbed with aggr13001 to tag its packets with VLAN 13, for example. However, traffic from Desktops is not so tagged, so its packets go nowhere. Is there any way to define a VLAN for a given Desktop Pool? This is important for us, as we tend to keep server systems on campus-only subnets, while desktops get Internet-routed addresses.
Thanks,
Charles

Aggregation shouldn't have any adverse effect here. You need to configure VDI to use the correct VLANs on a per Pools basis. In the VDI Manager first navigate to the Desktop Provider -> Networks tab and 'Refresh' the networks. This will scan all VirtualBox hosts in the provider for currently plumbed interfaces, each of which will be listed by their subnet.
After all networks are detected navigate to the Pool -> Settings tab and select 'Host Networking' followed by the required subnet(s). The primary subnet listed here is used for RDP connections.

RAC setup on VMware Workstation is possible?

Hi,
Is it possible to create a RAC setup on VMware workstation(VMware-workstation-6.5.1-126130) or VMware server is mandatory for such a setup.
My planned RAC setup will as show below.
OS:Enterprise-R5-U2-Server-i386
Oracle clusterware:10201_clusterware_linux32
Oracle Database:10201_database_linux32
I am planning to store OCR and Voting disks on shared RAW devices and database files on ASM.
Thank You and Regards...

Yes its possible to install it over workstation. There is as such o difference in both the products except that server is free but workstation is paid. Otherwise, both are virual machine softwares.
HTH
Aman....

300 Series Switch VLAN Setup

Hello,
I am trying to setup vlans on sf 302 switch and been unsuccesful. My idea is having 2 separate networks and both connecting to internet
192.168.2.0/24 Gaming Network
192.168.3.0/24 Work Network
Router ( Linkys) connected to port 8 on the switch - 192.168.4.1
I have attached the serial cable and made the following changes
Creating VLAN's
Created Vlan 20 for gaming network
#config t
#vlan database vlan 20
exit
Created Vlan 30 for work
#config t
# vlan database vlan 30
#exit
Asigned ports to VLAN's
#config t
# int fa2
# switchport mode access
# switchport access vlan 20
#exit
#config t
#int fa3
# switchport mode access
# switchport access vlan 30
#exit
Assigning IP address to VLAN
#conf t
#int vlan 20
# ip address 192.168.2.1 255.255.255.0
#end
#conf t
#int vlan 30
# ip address 192.168.3.1 255.255.255.0
#end
I am stuck after this. Now i want to connect vlan 20 and vlan 30 on to router attached to port8 on switch so that computers on both vlans have access to internet. The IP address of router is
192.168.4.1.
Please explain what needs to be done to acomplish this.
Thanks
Maakri

Hello Randy,
The switch is already set to router mode.
I have attached a belkin router on port 8 of the switch. The LAN IP of router is 192.168.4.2
On the switch I have configured port 8 as follows
#int fa8
#ip address 192.168.4.1
# switchport mode trunk
#switchport trunk allowed vlan add vlan 20
#switchport trunk allowed vlan add vlan 30
#no shutdown
#exit
#ip routing
From PC connected to vlan 20 and VLAN30 I can ping 192.168.4.1 but not 192.168.4.2. I want to access internet from my PC's on Vlan20 and VLAN30
I can ping PC in vlan30 from my pc in Vlan20 but cant access the router IP and so no internet. What am I missing? Please let me know
Thank you
Maakri

CSS11501 - VIP Setup for DR in Active/Active Mode

I have the following request from the Email team:
EXISTING - CSS at Site A (in one-armed mode) supports "webmail" app for the following ports:
- content webmail_http, port 80
- content webmail_https, port 443
- content webmail_imap, port 143
- content webmail_imaps, port 993
- content webmail_pop3s, port 995
NEW - Adding 2nd CSS at Site B support the same app/tcp ports with new servers/mailboxes at site B
Site A & Site B are physically/logically separated by a MAN (behind different WAN/LAN routers/switches, in different IP subnet/vlan).
Want to setup DR in active/active mode, ie. both CSS's at Sites A & B support "webmail" VIP - load sharing.
How would CSS config be setup for this request:
Main VIP - "webmail"
Load sharing between 2 VIP's - "webmail_siteA" & "webmail_siteB" from 2 CSS's at different sites?
Pls help.
Regards,
Diane Ly

Hello Diane
There are 3 different ways to handle an active/active setup - you can use 'VIP and interface redundancy', GSLB on the CSS ,or a GSS and CSS combination.
Vip and interface Redundancy:
http://cco/en/US/products/hw/contnetw/ps792/products_configuration_example09186a00802206a3.shtml
CSS GSLB:
http://cco/en/US/products/hw/contnetw/ps792/products_configuration_example09186a00801dcd75.shtml
GSS/CSS Combo:
There are no direct examples, but in effect, you would have 2 different domains, one for each site. The answers for those domains would be vips and based on both Kal-Ap and rtt from the client to each answer (hence if a site goes down, the client will be directed to the other side.) With this mode, the CSS's can be configured for no redundancy/awareness of eachother at all if that is what is desired.
Kal-Ap-
http://www.cisco.com/en/US/products/hw/contnetw/ps4162/products_configuration_example09186a00801f230e.shtml
On a sidenote, the CSS has a vast technical library with sample configs located here:
http://www.cisco.com/en/US/products/hw/contnetw/ps792/prod_configuration_examples_list.html
Regards,
Chris Higgins

VLAN setup at home

I'm definitely out of my comfort zone here...but after reading a bit, I think a VLAN setup is what I'm after. I'd like 2 networks at my house sharing the internet connection. One network for my computers, One network for my kids. The purpose is security...my kids have been bringing home biological virus' since they were tiny...I'm certain they're the ones who'll let something in the house now as well.
I have a WRVS4400N small business router with VLAN capability. I've explored the setup pages and can't make heads or tails of what I'd need to do there. I've set up 2 BSSID's and isolated them, next I'd like to set up the vlans and assign the bssids to them. Can someone look at this setup pic and walk me through this? I appreciate the education!
Alternatively, if vlan is not the solution for my purpose, I'm open to suggestions. Thank you for your consideration.
-Scott

These might help.
https://www.myciscocommunity.com/message/36120;jsessionid=31011407BD6D879C90AF5B18540D3634.node0
https://www.myciscocommunity.com/thread/7996;jsessionid=8844A249A148FC7E71732CEBFA84EE42.node0?tstart=-1
http://www.cisco.com/en/US/docs/routers/csbr/wrvs4400n/administration/guide/WVRS4400N_Admin_Guide_v2.pdf
Shell.

SLM 2024 vlans setup

Hi,
I purchased the SLM2024 switch recently, but still not able to get it works in vlans setup. Appreciate if someone can help me on this.
I have configured my router to have two vlans in two interfaces. Each vlan will serve as dhcp server with subnet .10 and .20. I would like to segregate my switch into 2 different vlans, then connect the dhcp interface from my router to each one of the vlan on my switch. So I can have two vlans on switch serve two subnets. How can I do it? I'm new to cisco product, hope someone can guide me thru the setup.
Thanks,
Jim

Hi Ishal, disconnect the switch from all network elements. Reboot the switch. Attach 1 computer to the switch and assign a static IP address on the 192.168.1.x subnet and try to access the switch. Ensure you do not have any wireless connection active on the computer you're using.
-Tom
Please mark answered for helpful posts

VLAN setup on SF302-08P switch

I have the following setup using two SF302-08P PoE switches:
1st floor
=========
Switch #1 <-------> private network
<-------> public network
2nd floor
=========
Switch #2 <-------> private network
.... public network (visible but devices can't connect)
I have tried to make the config in switch #2 identical to switch #1, but something is still wrong.
Is this most likely a VLAN setup problem, or what?
Thanks.
Ken Watkins

Tom,
Thanks so much for your help. In my case, the second VLAN is VLAN 50. Here are the pics of what I think you are talking about through the web interface. Do these look like what you are suggesting?
Thanks again.
Ken

SRW224G4P VLAN Setup...

Hi Everyone,
New to VLANS and just wanted some guidance.
We have a Billion Router - connected to a Watchguard which connects to the SRW224G4P switch.
We have two offices that both require internet access but should not be able to see each other.
I would like to put VLANs on 2 ports so that for example Port 3 cannot see Port 4 but they can both access the internet.
Is this possible? How is it done?
Thanks
Ed

By default the switch creates one VLAN: VLAN1 which is the management VLAN (i.e. the VLAN on which you can access the switch interface).
I would suggest you create two additional VLANs to keep the web interface out of the office VLANs for security reason (to prevent people from hacking into the switch and sniffing traffic). Let's say you create VLAN 2 and VLAN 3.
Next you configure your ports. You have to decide to which VLAN each port should belong to. If you use 3 VLANs 1,2,3 remember to keep one port in VLAN1 for management purposes. For each port you configure it into "Access" mode and make it member of the VLAN to which it belongs to, for example, port 3 in access mode and member of VLAN 3 puts "port 3 into VLAN 3". A VLAN is always untagged member of an access mode port.
One port is reserved for the connection into your watchguard, let's say port 28. You configure port 28 into "trunk mode". Then you add all your VLANs to this trunk mode port, i.e. you add VLAN 2 and VLAN 3 which will automatically added as tagged VLANs. VLAN 1 is already untagged member by default on a trunk mode port.
The port on the watchguard must be configured identically: i.e. also in trunk mode with VLAN 1 untagged and VLAN 2 & 3 tagged, PVID 1. This will run all the VLANs through to the watchguard. Unless the watchguard is a transparent firewall it should be setup for routing of VLAN, i.e. you have to create VLAN interfaces in each VLANs with distinct IP subnets. Set up filtering rules to prevent routing between VLANs.
That should be about it.

Cisco vlan setup w a windows 2003 dhcp server help

Can anyone give me some tips or point me to some documentation on setting up a catalyst 4500 series w vlans and a windows 2003 server w associated dhcp scopes? Just for curiosity, what is a good vlan design for a college. I was thinking a student, a staff, a faculty, and a guest and or mgmt vlan. Also, on the guest vlan how would I setup an outbound acl to only allow port 80 traffic? Thanks in advance.

Hi
Try to limit the number of users per vlan to no more than a class C subnet if you can. We use half a class C /25 network in our offices.
If you can break up the vlans to match the different type of users then that would be a good start. It means you can further down the line apply different security policies to the different vlans which in your situation you may well want to do. Don't worry if for example you need to use 2 or 3 vlans for students it's not a problem.
Attached is a link for 4500 configuration. You need to look at the following chapters primarily
1) Configuring VLAN's VTP & VMPS.
2) Configuring Layer 3 interfaces. Look at the section on logical layer 3 SVI's.
http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configuration/guide/conf.html
On the guest vlan you would need something like (assuming guest vlan subnet range is 192.168.1.0/24
access-list 120 permit tcp 192.168.1.0 255.255.255.0 any eq www
access-list 120 deny ip 192.168.1.0 255.255.255.0 any
and apply it on the inbound vlan interface. ie. if your vlan for guest users is vlan 20
switch(config)# vlan 20
switch(config-if)# ip access-group 120 in
As for the W2003 server, not done much with windows. You will need DHCP manager which should be under admin tools. Make sure you exclude the addresses for each subnet that you allocate to the 4500 layer 3 interfaces ie
switch(config)# vlan 20
switch(config-t)# ip address 192.168.1.1 255.255.255.0
In your DHCP scope 192.168.1.1 will be the default gateway for your clients and you should exclude this from the scope.
Hope this is enough to get you started
Jon

HT4557 whats the best itunes/appleID setup for family of 3 with 3 ipads, 3 iphones, one PC with all music on. if we use 3 separate ones how do we share purchased and home content?

been with apple for years. one itunes/appleID in use for family - all purchases and downloads on the one account..
now got 3 ipads, 3 iphones and when we update the software, we seem to get text/facetime issues due to multiple email addresses and phone numbers for the different devices that each individual uses. For example, I send a text and it appears to have come from my wife or son to the recipient. Not good !
there seems to be direction from apple that each of us should use our own apple id, thogh how do I link the accounts so enable family sharing of music/media we have purchased etc - Id also like to be able to review and keep a private eye on what my son downloads as he is 11 yrs old ! I manage this currently as we allow him access to the password for itunes (as we all use the same id today)
Am i better setting up accounts for my wife and son independent of my own, or not. Each of us would like access to the family content we have and the master library of synced content. I just want the most simplistic approach that apple, or others would recommend.
Is there a better or optimum setup for a family as we cannot be alone.....

Thanks for the help, but a follow up question now.
My iPhone won't arrive for a little while, but my wife already got hers and she wants to set it up now. Using my Apple ID for the purchases, if she starts setting hers up, can she change her iCloud ID to something else quickly? It keeps telling us that we have to sign in with the AppleID first.
Should we just set up an iCloud account via normal internet before trying all this via iPhone?

What is icloud setup for Multiple users, multiple devices in family?

What would be the recommended setup for iCloud to allow family members with multiple devices and multiple iTune accounts to share purchases, sync there own mail account, contacts, and reminders with multiple devices, and be able to sync calenders with all family calendars? Or better yet how can family members pick and choose what to sync with a common iCloud account?

I'd like to know this to.
We have 1 mac mini that serves as a media station that streams audio to Zeppelin air and photos & movies to our TV.
My wife buys music on her iPhone. And takes pictures of the family.
I buy apps and music on my iPad. And make movies of the family.
I have a macbook pro ( itunes with home sharing, iphoto home sharing ).
She has a nice macbook ( itunes with home sharing, iphoto home sharing ).
What we would want is that the mac mini collects all music / videos / media and streams it to all our apple devices via wifi ( not via internet ). But I with my appleID and she with her appleID.
I wonder is Apple can make an GUInterface that I can understand to solve this.
This iCloud seems not too suited.
For families it would be easier if iOS5 would have 'home sharing' with upload and not transfer everything to CA first.

VPN Client and Setup for RV042

Is there a definitive setup for a small VPN using the RV042?
Situation is 2 remote users wish to get access to a non server (W7P) pc to access files.
The end point doesn't have a static IP but I've put in a DYNDNS.org so it reports back the IP and I can access the router at least from outside.
I can setup VPN users but is there more to do?
Wish to use QVPN client or advise alternative.
Appreciate all input.
Thanks
Bruce

Bruce,
QuickVPN normally works well for what you wish to do. Make sure that the Windows Firewall is ON in Windows 7 and Windows Vista clients. Turn off all antivirus and third party firewall software as well at least until you have verified that you have a successful connection. It is very easy to set up, just create a username and password in the router. If you run into trouble, post here or call your local Small Business Support Center:
http://www.cisco.com/en/US/support/tsd_cisco_small_business_support_center_contacts.html

VLAN Setup for VMware

Similar Messages

Maybe you are looking for