Assigning VLANs to switchports 2

30362 · Apr 28, 2004

I am attempting to setup a new switch and wanted all 24 FE ports on the same VLAN (not 1), is there any command to change the switchport vlan on all 24 ports?

fynx · Apr 29, 2004

Use the "interface range fas 0/1 - 24" command in config mode. Any commands you enter will be applied to ALL ports.
(as long as you have a late IOS ;o)

Cheers, Fil.

If everything is coming your way then you're in the wrong lane.

dayhawk · May 4, 2004

just be careful, because if you take all of your ports off of vlan1 (the management vlan) you will only have console access to that switch... might not be a prob for you, but FYI just in case....

pmesjar · May 5, 2004

Dayhawk, I must correct you - you can change management VLAN on the switch and because of security concerns, you certainly don't want the management VLAN to be the default VLAN 1. So you are not right - he can take off all ports from VLAN 1 and still keep the remote access to the switch.

Peter Mesjar
CCNP, A+ certified
pmesjar@centrum.sk

"The only true wisdom is in knowing you know nothing.

dayhawk · May 5, 2004

thanks for the heads up... i've asked people about that before, but apparently they didn't know what they were talking about... how would one go about changing the management vlan?

hunterdw · May 5, 2004

How would you change the management VLAN? I'll answer with an "it depends"

In my situation, the only IP address assigned to my switches is found in VLAN2. I then make sure at least one port has access to both vlan2 and vlan3 (our data vlan). I had to setup intervlan routing...

So, I sit at my laptop.. 192.168.42.xxx and want to control switch-abc (172.16.42.xxx), I telnet/ssh to 172.16.42.xxx and my intervlan routing knows how to go to it.

I know those aren't cookbook type directions, but you are smart enough to create separate vlans (vlan database) and assign IP addresses.

--DW

dayhawk · May 5, 2004

ok, so if all it takes is assigning the switch ip to a different vlan, that's easy enough

30362 · May 6, 2004

question - If I assign all my switchports to a vlan other than 1, create VLAN99 for management and assign it an IP, I cannot ping that vlan ip address from anywhere on my network - I assume that is because I have no hosts assigned to that VLAN?

vipergg · May 6, 2004

Is vlan 99 defined on a router that this switch is attached to ? If you have more than 1 vlan on the switch and you need to route then you must trunk the link so that both vlans can come across from the router to your switch .

30362 · May 7, 2004

vipergg - I have a L3 switch at my core, connected to multiple L2 switches, I setup VTP on the L3 and the VTP domain has successfully propogated to the L2 switches. I haven't limited any vlans on my trunks between the core and the edge switches, and I can ping the L2 switches when I telnet into the core switch but cannot ping the L2 switches with any host connected to the core switch.

hunterdw · May 7, 2004

So, you have an L3... connected to lots of L2. If you are physically on the L3 (telnet/console) you can get to the L2. BUT, any machine connected doens't work.

Sounds like you have routing issues.

Does your routing EVER look to the L3 has a hop? Just because an L3 switch has routing tables that tell it how to get to other VLANs doesn't mean that any device OTHER than that L3 will look at that routing table. Packets don't automatically route... you tell them where to go.

The reason you can do what you describe is that while you are sitting at the L3, you ping and it looks to it's own routing table.

When you have a host attached to the L3, the host will use whatever "next hop" it got from DHCP.

--DW

pmesjar · May 7, 2004

I do not agree you have a routing problem. Going back to your original question:

"If I assign all my switchports to a vlan other than 1, create VLAN99 for management and assign it an IP, I cannot ping that vlan ip address from anywhere on my network - I assume that is because I have no hosts assigned to that VLAN?"

Your assumption is right. Unless you are connecting to the switch from computer connected to a port on a switch assigned to VLAN99, you won't be able to ping or telnet to the switch. Also the switch IP address must be from same subnet as hosts connected to VLAN99.

Peter Mesjar
CCNP, A+ certified
pmesjar@centrum.sk

"The only true wisdom is in knowing you know nothing.

30362 · May 7, 2004

pmesjar - so if I create a management vlan (say vlan99) and I assign a separate vlan address for vlan99 on each of my switches (all in the same subnet of course), but all my switchports are assigned to a different vlan, how can the concept of a management vlan apply unless I have a host in that vlan?

I guess I assumed that since it was a management vlan I would have nothing in that vlan except the switches...

pmesjar · May 8, 2004

I think you have misunderstood the concept of management VLAN. Management VLAN si for purpose of remote configuration of switches, so you need to have at least one host connected to port in management VLAN having an IP address from management VLAN subnet.

Or set up a router or L3 switch, which will have one of its interfaces connected to management VLAN and you can connect to the switches via router...

Peter Mesjar
CCNP, A+ certified
pmesjar@centrum.sk

"The only true wisdom is in knowing you know nothing.

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Assigning VLANs to switchports 2

30362

MIS

fynx

IS-IT--Management

dayhawk

IS-IT--Management

pmesjar

Technical User

dayhawk

IS-IT--Management

hunterdw

Technical User

dayhawk

IS-IT--Management

30362

MIS

vipergg

MIS

30362

MIS

hunterdw

Technical User

pmesjar

Technical User

30362

MIS

pmesjar

Technical User

Similar threads

Part and Inventory Search

Sponsor