We've lost our vendor help on configuring firewalls and switches. I've been learning using the 'over the shoulder' learning technique, and was able to get a pretty good handle on things, but I'm stuck now. My objective is to create a VLAN/DMZ for our camera surveillance system - to allow for internet access inside for control.
I created a VLAN 66 on the Firewall/Router (CISCO 2821) with an IP address; but it doesn't seem to be communicating between the Router/FW and the Switch. I'm sure I'm missing something simple, but still hoping someone can point out my blunder.
conf t
VLAN 66
Name VLAN0066
IP ADDRESS xx.xx.xx.254
NO SHUT
exit
exit
On the switch (CISCO 2960G), I also created a VLAN 66.
Conf t
VLAN 66
Name VLAN0066
IP ADDRESS xx.xx.xx.253
exit
int gi 0/12
switchport mode access
switchport access vlan 66
no shut
exit
Here's the FW/ROUTER config for VLAN 66:
CWA-PLANT-FW#sho int vlan 66
Vlan66 is up, line protocol is down
Hardware is EtherSVI, address is 0019.5550.21b0 (bia 0019.5550.21b0)
Description: VideoPivot
Internet address is xxx.xxx.xxx.254/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
897 packets output, 69001 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
SWITCH CONFIG:
CWA-PLANT-A#sho int vlan66
Vlan66 is up, line protocol is up
Hardware is EtherSVI, address is 001b.0c4b.9cc3 (bia 001b.0c4b.9cc3)
Description: VideoPivot
Internet address is xxx.xxx.xxx.253/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:03:12, output 00:44:10, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
93 packets input, 12508 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
73 packets output, 5686 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
ANY help would be MOST APPRECIATED!
TIA,
Krista
I created a VLAN 66 on the Firewall/Router (CISCO 2821) with an IP address; but it doesn't seem to be communicating between the Router/FW and the Switch. I'm sure I'm missing something simple, but still hoping someone can point out my blunder.
conf t
VLAN 66
Name VLAN0066
IP ADDRESS xx.xx.xx.254
NO SHUT
exit
exit
On the switch (CISCO 2960G), I also created a VLAN 66.
Conf t
VLAN 66
Name VLAN0066
IP ADDRESS xx.xx.xx.253
exit
int gi 0/12
switchport mode access
switchport access vlan 66
no shut
exit
Here's the FW/ROUTER config for VLAN 66:
CWA-PLANT-FW#sho int vlan 66
Vlan66 is up, line protocol is down
Hardware is EtherSVI, address is 0019.5550.21b0 (bia 0019.5550.21b0)
Description: VideoPivot
Internet address is xxx.xxx.xxx.254/24
MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output never, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
897 packets output, 69001 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
SWITCH CONFIG:
CWA-PLANT-A#sho int vlan66
Vlan66 is up, line protocol is up
Hardware is EtherSVI, address is 001b.0c4b.9cc3 (bia 001b.0c4b.9cc3)
Description: VideoPivot
Internet address is xxx.xxx.xxx.253/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 10 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:03:12, output 00:44:10, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
93 packets input, 12508 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicast)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
73 packets output, 5686 bytes, 0 underruns
0 output errors, 1 interface resets
0 output buffer failures, 0 output buffers swapped out
ANY help would be MOST APPRECIATED!
TIA,
Krista
![[americanflag]](/data/assets/smilies/americanflag.gif "[americanflag] [americanflag]")
Go Army!