Solved Configuration issues on layer 3 Cisco switch 3560

December 22, 2014 at 00:02:02
Specs: Windows 7 64, I5 Intel/ 6GM
Lab environment equipment I'm using

Cisco Switch 3560 - 24 POE x 2
Cisco Router 2800 series with call manager
Wireless netgear router
Cable modem

I would like to setup a lab with Voip phones and client machines that will be located in different areas of a building.

Main Floor is point of presence location with cable modem plugged into wireless router.

Wireless router hub > Plugged into Cisco 2811 series router and then pushed into 1st Cisco 3560 switch to push internet services out thru the switch.

2nd floor has a Cisco 2960 switch that I may replace with a Cisco 3560 just to allow layer 2 and 3 as the others do. Just clients

3rd location is Cisco 3560 switch and voip phones with 3 clients

I had internet services from main floor to the 3rd location however no voip services the phones arent communicating back to the call manager thru the switch.

switch # 3 is trunked thru switch 2 and switch 2 is trunk to switch 1 not sure if this is correct??

I have voip services on main floor just need to figure out configurations for other 2 switches and I also learning and trying to figure out how to configure my vlan and vlan interfaces for management purposes also to help with testing connectivity.

Please advise in anyway possible I'm not sure if it makes sense but I'm learning college student and in the Army as IT


See More: Configuration issues on layer 3 Cisco switch 3560

Report •


#1
December 22, 2014 at 09:39:58
✔ Best Answer
switch # 3 is trunked thru switch 2 and switch 2 is trunk to switch 1 not sure if this is correct??

This is not the preferable setup but since your environment is so small, it will do. If it were up to me, both switches would connect to the 2800 router. The reasoning being, whenever you daisy chain switches like this, the upstream carries all it's own bandwidth as well as that of any downstream. For example, lets say you have 4 switches all daisy chained. Switch 3 would carry all of 4's bandwidth as well as it's own. Switch 2 would carry 3 and 4's as well as it's own. Finally, 1 would carry all of 2, 3 and 4. Daisy chain enough switches together and the aggregate bandwidth will shut all of them down.

So it's always best practice to refrain from daisy chaining whenever possible.

Ok, having said that.....you need to learn the basics about VLAN tagging before you go much further. Your 2800 router will do all your layer 3 (routing) so you don't actually need layer 3 on your switches.

In a small environment like this, I would suggest you start with 3 VLAN's as follows:

VLAN 1 = management VLAN
VLAN 2 = Data
VLAN 3 = VoIP

Assuming a 192.168.0.0/24 address space I would setup VLAN's with subnets like so:

VLAN 1 = 192.168.1.0
VLAN 2 = 192.168.2.0
VLAN 3 = 192.168.3.0

Your management VLAN is used only for assigning IP's to your appliances and to carry all other traffic.

2800 VLAN 1 IP = 192.168.1.1
Switch 1 VLAN 1 IP = 192.168.1.10
Switch 2 VLAN 1 IP = 192.168.1.20

Configure ports as needed for data and VoIP using appropriate subnets and ensure your trunk ports are actually trunk ports with primary VLAN ID of 1 and carrying all other VLAN's. Myself, I tend to use the last port(s) on a switch as uplinks and always leave port 1 as management (VLAN 1 only in access mode).

How you tie this in to your existing system to get it working is not something I'm going to be able to help you with as I haven't touched Cisco in about a decade. We use Avaya where I work and my Cisco skills are rusting. I can tell you that if your present setup is all SOHO level equipment and not at the very least layer 2 capable, you'll likely have to let your 2800 handle all the routing for all subnets.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

#2
December 22, 2014 at 10:00:34
Curt,

Awesome information thanks so much. I'm going to start working on rebuilding using your tips. I have a bit more information based on what you have gave me with using the call manager portion and the 2800 series pushing dhcp as primary routing on the environment

How can I push a wireless router into the picture to provide the internet services otherwise I just have a dead network with clients that can share resources and voip phones that call each other?

Also my VOIP vlan is running 192.168.10.1 net which i think will work great with the subnets you have given me. Do the ports on the other switches need to be switchports to push them to the voip vlan I think this is my biggest problem right now? My phone that is directly connected in the room with 2800 and 3560 switch is up and running the one in room 3 is stuck in configuring mode I think its not pushing itself to the manager to pull an ip and come up.

Also Curt can you make a suggestion to fix the problem of daisy chaining the switches with having to jump floors I'm not sure how to go about this should I run a direct line as I have done switch 2 to switch one however there isnt enough ports on the router to accomplish 3 switches directly in??


Report •

#3
December 22, 2014 at 21:32:16
How can I push a wireless router into the picture to provide the internet services otherwise I just have a dead network with clients that can share resources and voip phones that call each other

Is your wireless router not ahead of your 2800 router right now? Like so:

Internet >> Wireless SOHO Router >> 2800 >> Switches

Also my VOIP vlan is running 192.168.10.1 net which i think will work great with the subnets you have given me

Is this a subnet assigned by your provider specifically for VoIP? Or, is it on the LAN side of your router and arbitrary?

I didn't try to detail anything but how I would setup the VLAN's because I don't have all the details on how your present setup is configured. So I stuck to how I would do the VLAN assignments. If you look at how I assigned VLAN's and subnets you'll notice the 3'd octet of the /24 subnets matches the VLAN tag (ie: VLAN 2 = 192.168.2 and VLAN 3 = 192.168.3) I do this just because it's a lot more logical than VLAN 2 = 192.168.10 and thus easier to keep VLAN's/Subnets straight in your head. You can do it however you like, just document it for future reference.

Do the ports on the other switches need to be switchports to push them to the voip vlan I think this is my biggest problem right now?

I'm not sure what you mean. Again, it's been 10 years since I worked on cisco. But it seems to me "switchport" is part of a command, not exactly port setting. You would want your VoIP VLAN ports to be setup for access. Just like you would for a data VLAN, only uplinks would be set to trunk mode.

My phone that is directly connected in the room with 2800 and 3560 switch is up and running the one in room 3 is stuck in configuring mode I think its not pushing itself to the manager to pull an ip and come up.

Since that phone is working, how is that 3560 configured? What is your VLAN configuration for that switch? Since the switch in 3 is daisy chained to the 3560, how are the uplink ports between the two configured?

there isnt enough ports on the router to accomplish 3 switches directly in??

Without more available ports on the router, you're stuck daisy chaining. As I said previously, in such a small environment, it's not that big a deal. If the router has room for another module, and you can get your hands on another module for it that has more interfaces, then you could go that route and connect all switches directly to the router. But you probably don't need to.

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •

Related Solutions

#4
January 3, 2015 at 23:46:26
Curt,

Sorry for the long delay as I took a break for the holidays as I'm sure you did the same. I took some time to redesign the network and I used Packet tracer to help me get started. So I have the big question based off of what I now have built as I can't accomplish this part with Cisco Packet tracer that I'm aware.

Cisco 2800 series router with CME > SW 1 Main floor
SW2 2nd floor trunked to SW 1
SW3 Garage trunk to SW 2

VOIP phones are talking computers can ping each other I have a closed network built and ready on cisco packet tracer to copy.

I need to add in my internet access with my cable modem and Wireless Netgear router

My thoughts of how to do this

Cable modem direct into 2800 series router pushing DHCP client thru 2800 off of FA0/0

Run FA0/1 to switch to push DHCP services and internet thru to the switch # 1

Trunk ports for additional switches and add wireless router as device on SW # 1 enabling the WAN port on it providing WiFi does this sound like it would work?? disabling the DHCP client off of the wireless router as well so it doesn't conflict


Report •

#5
January 5, 2015 at 09:52:10
Hey, welcome back. Yep, I took a long break too!

Your setup looks good and I'm glad to hear you have it all working properly.

With regards to adding the internet, I think if it were me, I'd connect the SOHO router to the 2800 and let it (the SOHO router) handle DHCP/DNS for internet connectivity. It would save you setting up both (DHCP/DNS) on the 2800. If you just want to do it for practice and to learn, then by all means go for it. But I'm a firm believer in the KISS principle and since you have a working closed LAN and working internet, it seems simpler to me to connect the working internet to the closed LAN.

Also, this puts your LAN behind the firewall built into the SOHO router. With it removed from the mix, you have a serious security concern with no firewall between your LAN and the internet.

If you do go with the cable modem to 2800 connection then yes, definitely disable DHCP on it. You don't want two DHCP services running as they could (and likely would) conflict with each other. In this scenario, I would connect the wireless router to SW 1 via it's LAN port and give it a LAN on the same subnet as everything else. This is a lot simpler than connecting to the WAN port (again, KISS).

It matters not how straight the gate,
How charged with punishments the scroll,
I am the master of my fate;
I am the captain of my soul.

***William Henley***


Report •


Ask Question