Switch – Configuring multiple subnets with switch connected to single router interface

designrouterswitchswitching

I have a design like this

But I'm receiving a lot of mismatch errors and it doesn't work at all. I tried to ping 10.0.0.1 to no avail.

I'm trying to configure the vlans on the switch 1 this way (the interface that goes to the router is f0/1):

Switch 1 configuration

configure terminal 
vlan 2 
name subnet1

vlan 3
name subnet2

interface fastEthernet 0/3
switchport mode access 
switchport access vlan 3
exit

interface fastEthernet 0/2 
switchport mode access
switchport access vlan 2 
exit

interface fastEthernet 0/1 
switchport mode trunk
exit

Switch(config)#interface vlan 2
Switch(config-if)#ip address 192.168.1.3 255.255.255.0
Switch(config-if)#no shutdown

Switch(config)#interface vlan 3
Switch(config-if)#ip address 192.168.2.3 255.255.255.0
Switch(config-if)#no shutdown

Switch 11

interface fastEthernet 0/1
switchport mode trunk 
exit

**ALSO SAME CONFIG AS MAIN ROUTER WITH VLAN BEING EQUAL AS CONFIGURED BEFORE.**

Update: Router config.

Router>enable 
Router#configure terminal 
Router(config)#interface fastEthernet 0/0
Router(config-if)#ip address 10.0.0.1 255.255.255.0
Router(config-if)#no shutdown

Router(config)#interface fastEthernet 0/0.2
Router(config-subif)#
Router(config-subif)#encapsulation dot1Q 2
Router(config-subif)#ip address 192.168.1.2 255.255.255.0
Router(config-subif)#

Router(config)#interface fastEthernet 0/0.3
Router(config-subif)#
Router(config-subif)#encapsulation dot1Q 3
Router(config-subif)#ip address 192.168.2.2 255.255.255.0
Router(config-subif)#

Router(config)#interface FastEthernet0/0
Router(config-if)#ip helper 192.168.1.4
Router(config-if)#interface FastEthernet0/0.2
Router(config-subif)#ip helper 192.168.1.4
Router(config-subif)#interface FastEthernet0/0.3
Router(config-subif)#ip helper 192.168.1.4
Router(config-subif)#

I tried to also configure Switch 11 with a f0/1 trunk mode, and all the other ports to a vlan with the address 192.168.1.4

Any suggestion?

Update 1: Errors are switches Native VLAN mismatch type switch11 f0/1 with Switch1 f0/2

Update 2: I have v2 RIP routing on the router with all the related IPs.

Update 3:
I have connectivity between PCs and PC to router. Still get switch errors/warnings:

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on FastEthernet0/1 (1), with Switch FastEthernet0/2 (2).

%CDP-4-NATIVE_VLAN_MISMATCH: Native VLAN mismatch discovered on
FastEthernet0/3 (3), with Switch FastEthernet0/1 (1).

Update 4:

Can't seem to get the DHCP server to work. I used the IP helper command on the router f0/0 interface and subinterfaces but doesn't work.

Update 5:
Show command for switch 1 f0/2 (now named switch 0. The one connected to the router):

Switch>show interfaces fastEthernet 0/2 switchport
Name: Fa0/2
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: native
Negotiation of Trunking: Off
Access Mode VLAN: 2 (subnet1)
Trunking Native Mode VLAN: 1 (default)
Voice VLAN: none
Administrative private-vlan host-association: none
Administrative private-vlan mapping: none
Administrative private-vlan trunk native VLAN: none
Administrative private-vlan trunk encapsulation: dot1q
Administrative private-vlan trunk normal VLANs: none
Administrative private-vlan trunk private VLANs: none
Operational private-vlan: none
Trunking VLANs Enabled: All
Pruning VLANs Enabled: 2-1001
Capture Mode Disabled
Capture VLANs Allowed: ALL
Protected: false
Unknown unicast blocked: disabled
Unknown multicast blocked: disabled
Appliance trust: none

Update 6:
Got rid of the warnings (creating the vlans on the subnet switches and assigning the vlan to the trunk)! Now the only issue is I can't get the DHCP to work.

Update note: Remember there's connectivity with the Router subinterfaces 0.2 or 0.3. Ex: ping from PC to 192.168.1.2 works and between PCs on different subnets

However the errors won't stop and can't seem to get the DHCP server to work.

I used this tutorial but it only has a main switch

FINAL UPDATE:
Seems like what I did was the only possible thing according to this post "I'm afraid you can't use ip helper-address to assign IP addresses to PCs from a secondary address scope."

So I'd need a L3 router in order to do that. I guess this is all and I'll ad a L3 router.

Best Answer

This can't work.

The single router interface needs to be configured as a VLAN trunk for VLAN IDs 1(?) and 2. The switches must use VLAN trunking on their interconnects and on that to the router.

You need to make sure that each subnet provides proper connectivity from the end node all the way to the router.

On the router, each VLAN subinterface needs to be configured with an IP address from the subnet. In your config, 192.168.2.0/24 is missing. 10.0.0.1/24 is bound but doesn't seem to provide any connectivity anywhere.

RIP doesn't hurt but doesn't do anything either with just one router.

Your ASA configuration:

route outside 0.0.0.0 0.0.0.0 172.16.1.1 1

This will provide a default route via the outside interface, but how will the ASA know how to reach subnets residing behind the Layer 3 Distribution Switch?

You'll need to add routes to the internal subnets via the inside interface using the Layer 3 Distribution Switch as the next-hop IP address.

ASA static routing example:

route inside 172.19.12.0 255.255.255.240 172.16.2.2
route inside 172.19.3.0 255.255.255.0 172.16.2.2
route inside 172.20.100.0 255.255.255.224 172.16.2.2

Your Cisco Router's configuration:

ip route 0.0.0.0 0.0.0.0 200.200.200.200

Additionally, how will your border router know how to reach subnets other than it's connected routes, and the catch all default route via the outside interface's next-hop address 200.200.200.200?

Router static routing example:

ip route 172.19.12.0 255.255.255.240 172.16.1.10
ip route 172.19.3.0 255.255.255.0 172.16.1.10
ip route 172.19.100.0 255.255.255.224 172.16.1.10
ip route 172.16.2.0 255.255.255.224 172.16.1.10

Switch – Successful Auto/Auto PAgP Port Channel

As per default, etherchannel is running in "silent" mode. So ethch goes up at the first time, but if you try to disable/enable on side maybe ethch doesn't goes up again.

From CISCO CCO : non-silent —(Optional) If your switch is connected to a partner that is PAgP capable, configure the switch port for nonsilent operation when the port is in the auto or desirable mode. If you do not specify non-silent , silent is assumed. The silent setting is for connections to file servers or packet analyzers. This setting allows PAgP to operate, to attach the port to a channel group, and to use the port for transmission.

Best Answer

Related Solutions

Cisco ASA Routing Issue

Your ASA configuration:

ASA static routing example:

Your Cisco Router's configuration:

Router static routing example:

Switch – Successful Auto/Auto PAgP Port Channel

Related Topic