Mike,
As your router acts as the dhcp server, it (the dhcp server) needs to
know about both vlans and the router needs to be told to forward the
DHCP request to the right address (you set this up properly with the ip
helper setting on interface VLAN 2).
With regards to the ping response not being received, my guess is that
you are using the host.0.1 address as source for the ping test, which,
in the new config, is not working anymore (you removed VLAN 1 from all
ports).
My suggestion would be to 1:
* Create a VLAN interface and add the required ports to it:
router
enable
configure
interface VLAN 1
ip address 192.168.26.2 netmask 255.255.255.0 # Just a made up address (added
ON TOP OF the address already set for the HOST)
no shutdown
exit
ip route add default 192.168.26.1 # typed this from the top of my head, but
bottomline is that you need to tell the ROUTER the default gateway, as opposed
to the HOST
exit
!
set vlan create 1
set vlan name 1 "management"
set vlan egress 1 host.0.1 untagged # Here I add the HOST to the management
vlan (I think it's default, but hey, just to be sure)
set vlan egress 1 fe.1.47 untagged # Add the router's port to the managment
vlan (so you can forward traffic there)
!
! Now the host and the router are connected via VLAN 1 (named it management
here, but feel free to use a 'better' name)
! VLAN1 is 192.168.26.0/24 - connected: router + host (C2)
! VLAN2 is 192.168.28.0/24 - connected: every other port except the router and
host (C2)
!
All dhcp traffic on VLAN 2 is sent to the router (using ip helper).
The C2 should now be reachable via both the HOST address
(192.168.26.135) and the VLAN 1 interface address (192.168.26.2).
For the devices connected to port 10, you could:
1) create a static assignment in the dhcp server.
2) create a filter that does not allow dhcp traffic to originate from
that port.
Hope this helps and clarifies things a bit. (I am still not fully
understanding the host.0.1 usage, but think it's a legacy from the old
cabletron/riverstone hardware, which had a seperate (physical) interface
for it).
Good luck,
Dennis
On 09/13/2010 09:50 PM, Mike Hall wrote:
Hi Dennis,
Forgive my lack of knowledge as I am an old phone guy migrating to the data
side. lol
Yes, I am pinging the devices that are connected to the port. For instance, I
have a router plugged into port 47. This router is also my DHCP server for
now. I would like all ports to be able to grab an IP address from this
router/dhcp server. All, except port 10.
Port 10 needs to have an IP address 192.168.28.x. Port 10 will be plugged into
a dumb mini switch with three other Phone system devices on it. The phone
system's IP addresses are 92.168.28.20-22.
The phone system will need internet access out port 47. Thus my project.. To
make the pbx talk to the internet as well as have other ports on subnet 26.x
talk out port 47 as well.
Any help is GREATly appreciated.
Mike
-----Original Message-----
From: Dennis Roos [mailto:[email protected]]
Sent: Monday, September 13, 2010 2:21 PM
To: Enterasys Customer Mailing List
Subject: Re: [enterasys] C2 VLAN
Mike,
I'm not entirely sure on this one (got in the habit of not using VLAN 1
over 10 years ago ;)) but vlan if I recall correctly, VLAN 1 is treated
special in the 802.1Q specs.
Also, by 'pinging ports', I assume you're trying to ping the devices
connected to the port ?
Is the mac-address of the device you're testing with registered on the
port you connected it to ?
From what I can recall working with enterasys equipment, the host
address is treated special (the address set with set ip address ...) and
needs to be assigned to a specific VLAN using:
set port vlan host.0.1 VLANID
Next on my todo list on enterasys equipment is the creation of the
VLAN's and removing VLAN1 from used ports:
# vlan
set vlan create 10-11
clear vlan egress 1 host.0.1;ge.1.1-4,6-9,13-17
set vlan egress 10 ge.1.1 untagged
set vlan egress 11 host.0.1;ge.1.2-3 untagged
A last thing I noticed in the config you gave is that you clear vlan 1
from all interfaces, great, but that would mean that the host ip you've
set is not being used and could be the root cause of the problem.
Good luck,
Dennis Roos
On 09/13/2010 04:06 PM, Mike Hall wrote:
OK..
I did all the commands you suggest below. (I am using VLAN 1& 2 instead of your example of 26&
28). The only command that didn't work is the " set vlan egress fe.1.47 1,2 tagged". It says,
"Invalid Media in [port-string]". (port 47 is connected to the internet)
I logged into the C2 via the console and can ping ports on both VLANs.
However, I still cannot ping the laptop plugged into port 10. Port 10 has an
IP of 192.168.28.10 and I ping this fine from the console) I gave the laptop
an IP of 192.168.28.11, and it is plugged directly into port 10.
Below is the new configuration of the C2. Any suggestions on how to get the
laptop talking on the network? Thanks very much!
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->
C2(su)->show config
This command shows non-default configurations only.
Use 'show config all' to show both default and non-default configurations.
begin
!
#***** NON-DEFAULT CONFIGURATION *****
!
!
#Router Configuration
router
enable
configure
interface vlan 2
no shutdown
ip address 192.168.28.10 255.255.255.0
ip helper-address 192.168.80.250
ip helper-address 192.168.26.1
exit
exit
exit
exit
#arp
!
#arpinspection
!
#banner
!
#cdp
!
#ciscodp
!
#console
!
#dhcps
!
#dhcpsnooping
!
#eapol
!
#flowcontrol
!
#garp
!
#gvrp
!
#history
!
#igmp
!
#inlinepower
!
#ip
set ip address 192.168.26.135 mask 255.255.255.0 gateway 192.168.26.1
!
#ipv6
!
#lacp
!
#length
!
#lldp
!
#linkflap
!
#logging
!
#logout
set logout 60
!
#mac
!
#macauthentication
!
#maclock
!
#mtu
!
#multiauth
!
#newaddrtrap
!
#nodealias
!
#cos setting
!
#cos state
!
#cos port-config
!
#cos port-resource
!
#cos reference
!
#policy
!
#port
set port vlan fe.1.2 2
set port vlan fe.1.3 2
set port vlan fe.1.4 2
set port vlan fe.1.5 2
set port vlan fe.1.6 2
set port vlan fe.1.7 2
set port vlan fe.1.8 2
set port vlan fe.1.9 2
set port vlan fe.1.10 2
set port vlan fe.1.11 2
set port vlan fe.1.12 2
set port vlan fe.1.13 2
set port vlan fe.1.14 2
set port vlan fe.1.15 2
set port vlan fe.1.16 2
set port vlan fe.1.17 2
set port vlan fe.1.18 2
set port vlan fe.1.19 2
set port vlan fe.1.20 2
set port vlan fe.1.21 2
set port vlan fe.1.22 2
set port vlan fe.1.23 2
set port vlan fe.1.24 2
set port vlan fe.1.25 2
set port vlan fe.1.26 2
set port vlan fe.1.27 2
set port vlan fe.1.28 2
set port vlan fe.1.29 2
set port vlan fe.1.30 2
set port vlan fe.1.31 2
set port vlan fe.1.32 2
set port vlan fe.1.33 2
set port vlan fe.1.34 2
set port vlan fe.1.35 2
set port vlan fe.1.36 2
set port vlan fe.1.37 2
set port vlan fe.1.38 2
set port vlan fe.1.39 2
set port vlan fe.1.40 2
set port vlan fe.1.41 2
set port vlan fe.1.42 2
set port vlan fe.1.43 2
set port vlan fe.1.44 2
set port vlan fe.1.45 2
set port vlan fe.1.46 2
!
#prompt
!
#pwa
!
#radius
!
#rmon alarm
!
#rmon capture
!
#rmon channel
!
#rmon event
!
#rmon filter
!
#rmon history
!
#rmon stats
!
#snmp
set snmp access ro security-model v1 exact read All notify All nonvolatile
set snmp access ro security-model v2c exact read All notify All nonvolatile
set snmp access public security-model v1 exact read All write All notify All non
volatile
set snmp access public security-model v2c exact read All write All notify All no
nvolatile
set snmp access public security-model usm exact read All write All notify All no
nvolatile
set snmp community :3fb03022e4966512343b511c263dcf1240739359ec6cad7d8c6277007e7e
0657521e0641967b150156:
set snmp group ro user ro security-model v1
set snmp group public user public security-model v1
set snmp group ro user ro security-model v2c
set snmp group public user public security-model v2c
set snmp group public user public security-model usm
set snmp user public authentication md5 :3f1357d0d919d45f7b021886721fb6b6: priva
cy :3f1357d0d919d45f7b021886721fb6b6:
set snmp view viewname All subtree 1
!
#sntp
!
#spantree
!
#ssh
!
#ssl
!
#summertime
!
#system
set switch member 1 5
!
#telnet
!
#tftp
!
#timezone
!
#vlan
set vlan create 2
set vlan name 2 "mike"
clear vlan egress 1 fe.1.1-46
set vlan egress 2 fe.1.1-46 untagged
!
#vlanauthorization
!
#webview
!
#width
!
end
C2(su)->
-----Original Message-----
From: Egbert Rodriguez [mailto:[email protected]]
Sent: Saturday, September 11, 2010 10:10 AM
To: Enterasys Customer Mailing List
Subject: Re: [enterasys] C2 VLAN
Hi Mike!
I'm kind newbie too, but I will advice you what already learned to make this
happens.
Creating two vlans with their respective interface for communicate between each
ip scope.
set vlan create 26,28
set host vlan 26
In router mode:
interface vlan 26
set ip address 192.168.26.1 mask 255.255.255.0
no shutdown
interface vlan 28
set ip address 192.168.28.10 mask 255.255.255.0
ip helper-address<ip address of dhcp server>
no shutdown
In dhcp server port connected on Switch:
set vlan egress fe.1.x 26,28 tagged
set port vlan fe.1.x 26 no-modify-egress
*** the dhcp server must contain the two scopes with the router option been the
same of the interface created in the switch. The tagged command is saying that
will pass two or more vlans from that port. The no-modify-egress will change
the pvid value from 1 to 26. ***
In user ports connected on switch:
set port vlan fe.1.10 28 modify-egress
*** the vlan value will change according the user port ***
With this config you will be able to reach the dhcp server if you already have
one on vlan 26 from vlan 28
Hope this work,
Egbert
Sent from my iPhone
On Sep 11, 2010, at 10:32 AM, Mike Hall<[email protected]> wrote:
OK..Thanks William.
Here is the config. Ideally, I would like to reach the VLAN 2 from my router
which is 192.168.26.1. The C2 IP is 192.168.26.136 and VLAN two is
192.168.28.10.
C2(su)->show config
This command shows non-default configurations only.
Use 'show config all' to show both default and non-default configurations.
begin
!
#***** NON-DEFAULT CONFIGURATION *****
!
!
#Router Configuration
router
enable
configure
interface vlan 2
no shutdown
ip address 192.168.28.10 255.255.255.0
exit
exit
exit
exit
#arp
!
#arpinspection
!
#banner
!
#cdp
!
#ciscodp
!
#console
!
#dhcps
!
#dhcpsnooping
!
#eapol
!
#flowcontrol
!
#garp
!
#gvrp
!
#history
!
#igmp
!
#inlinepower
!
#ip
set ip address 192.168.26.135 mask 255.255.255.0 gateway 192.168.26.1
!
#ipv6
!
#lacp
!
#length
!
#lldp
!
#linkflap
!
#logging
!
#logout
set logout 60
!
#mac
!
#macauthentication
!
#maclock
!
#mtu
!
#multiauth
!
#newaddrtrap
!
#nodealias
!
#cos setting
!
#cos state
!
#cos port-config
!
#cos port-resource
!
#cos reference
!
#policy
!
#port
set port vlan fe.1.10 2
!
#prompt
!
#pwa
!
#radius
!
#rmon alarm
!
#rmon capture
!
#rmon channel
!
#rmon event
!
#rmon filter
!
#rmon history
!
#rmon stats
!
#snmp
set snmp access ro security-model v1 exact read All notify All nonvolatile
set snmp access ro security-model v2c exact read All notify All nonvolatile
set snmp access public security-model v1 exact read All write All notify All non
volatile
set snmp access public security-model v2c exact read All write All notify All no
nvolatile
set snmp access public security-model usm exact read All write All notify All no
nvolatile
set snmp community :3fb03022e4966512343b511c263dcf1240739359ec6cad7d8c6277007e7e
0657521e0641967b150156:
set snmp group ro user ro security-model v1
set snmp group public user public security-model v1
set snmp group ro user ro security-model v2c
set snmp group public user public security-model v2c
set snmp group public user public security-model usm
set snmp user public authentication md5 :3f1357d0d919d45f7b021886721fb6b6: priva
cy :3f1357d0d919d45f7b021886721fb6b6:
set snmp view viewname All subtree 1
!
#sntp
!
#spantree
!
#ssh
!
#ssl
!
#summertime
!
#system
set switch member 1 5
!
#telnet
!
#tftp
!
#timezone
!
#vlan
set vlan create 2
set vlan name 2 "mike"
clear vlan egress 1 fe.1.10
set vlan egress 2 fe.1.10 untagged
!
#vlanauthorization
!
#webview
!
#width
!
end
C2(su)->
-----Original Message-----
From: William Olive [mailto:[email protected]]
Sent: Friday, September 10, 2010 10:15 PM
To: Enterasys Customer Mailing List
Subject: RE: [enterasys] C2 VLAN
A post of your config will help.
Billo
Data Communications Co-Ordinator
Information Technology& Telecommunications
Hunter New England Health Service
ph 0249 213804 fax 0249 213038
[email protected]
________________________________________
From: Mike Hall [[email protected]]
Sent: Saturday, 11 September 2010 8:54 AM
To: Enterasys Customer Mailing List
Subject: re:[enterasys] C2 VLAN
Hello,
I'm a new-bee here and was hoping to get help on setting up a vlan on port 10
of a C2. I have an IP of 192.168.28.10 on this port 10 and can ping it from
the host.
The Host IP is 192.168.26.135. However, if I put a laptop into port 10 and
give it an ip address of 192.168.28.11, I cannot ping it from the host (or vice
verse). Any idea what I am missing?
Thanks
---
To unsubscribe from enterasys, send email to [email protected] with the body:
unsubscribe enterasys [email protected]
---
To unsubscribe from enterasys, send email to [email protected] with the body:
unsubscribe enterasys [email protected]
---
To unsubscribe from enterasys, send email to [email protected] with the body:
unsubscribe enterasys [email protected]
---
To unsubscribe from enterasys, send email to [email protected] with the body:
unsubscribe enterasys [email protected]
---
To unsubscribe from enterasys, send email to [email protected] with the body:
unsubscribe enterasys [email protected]
---
To unsubscribe from enterasys, send email to [email protected] with the body:
unsubscribe enterasys [email protected]
---
To unsubscribe from enterasys, send email to [email protected] with the body:
unsubscribe enterasys [email protected]
