Cisco router and switch configuration

ciscocisco-catalystios

I want to configure a Cisco 2600 series router to be DHCP server. To the ethernet port i want to connect a Cisco Catalyst 2900XL 24 ports switch, in this switch i want to connect a computer in port X2, the 2600 series router should be in port X1 and a internet uplink in port X24. On this uplink another DHCP server is running.

Is it possible to configure these devices so that the computer will recieve a IP address from the 2600 series router and not the DHCP on the internet uplink? The router should not broadcast DHCP addresse on the uplink either.

I do not want to make manual configurations on the computer, everything should be configured in the switch and router, if it is possible.

Best Answer

It sounds like what you're trying to do should be fine. You can have either the switch or the router provide the DHCP service. You'll want to enable dhcp snooping on the uplink port (setting it to untrusted). That SHOULD drop any DHCPOFFER coming in from there.

ip dhcp snooping

ip dhcp snooping vlan number 110 (or whatever)

for each interface (not the uplink):

interface fe0/0

ip dhcp snooping trust

then you should basically be good.

Related Solutions

Cisco – Management VLAN Cisco Catalyst

You can apply an ACL just to management access. For instance:

! replace x.x.x.x with the IP to permit
access-list 1 permit host x.x.x.x

! some switches range from 0 to 15 instead of 0 to 4, adjust as necessary
line vty 0 4
 access-class 1 in

This applies standard access list 1 to just inbound access on virtual terminals (which includes telnet and ssh access), irrespective of VLAN. You can use a more sophisticated access-list if needed. Chopper3 provided a good link for that.

Cisco – VLAN trunking between Juniper EX -> Cisco Catalyst -> and Cisco Router

You stated that ports 3 and 42 were configured on the Catalyst switch, but then provided configurations for ports 46 and 48. The configuration you posted for port 46 should be applied to port 3 that connects to the EX2200. Your router's connection is unchanged, so hopefully we can assume that configuration is fine.

Now, on the EX2200, the following lines of code would be appropriate to do the following:

ge-0/0/0 - trunk allowing the same vlans as defined above on port 46

ge-0/0/6 - access port on VLAN80

set vlans vlan80 vlan-id 80
set vlans vlan82 vlan-id 82
set vlans vlan83 vlan-id 83
set vlans vlan93 vlan-id 93
set vlans vlan289 vlan-id 289
set interfaces ge-0/0/0 description uplink-to-catalyst 
set interfaces ge-0/0/0 unit 0 family ethernet-switching port-mode trunk
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlan80
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlan82
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlan83
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlan93
set interfaces ge-0/0/0 unit 0 family ethernet-switching vlan members vlan289
set interfaces ge-0/0/6 unit 0 family ethernet-switching port-mode access
set interfaces ge-0/0/6 unit 0 family ethernet-switching vlan members vlan80

Some other suggestions for you:

1) Turn on LLDP on your switch so you can do a show lldp neighbors and see where your connections go.

2) Don't use RSTP for spanning tree on the juniper switch, it doesn't play nice with Cisco that well, use VSTP instead. If you end up with a ton of vlans, you might even need to use MSTP.

3) Turn off chassis alarm for the management ethernet if you're not using it.

On the EX2200:

delete protocols rstp
set protocols vstp vlan all bridge-priority 4k
set protocols lldp interface all
set chassis alarm management-ethernet link-down ignore

On the Catalyst (if it supports it)

lldp run

Best Answer

Related Solutions

Cisco – Management VLAN Cisco Catalyst

Cisco – VLAN trunking between Juniper EX -> Cisco Catalyst -> and Cisco Router

Related Topic