Buona sera a tutti,
Vorrei porvi un quesito, forse un po' banale.
Ho configurato uno switch catalyst 2960 con 3 vlans + 1 vlan:
10
20
30
99 management
Ho impostato sempre sullo switch una porta in modalitá trunk verso una porta del router, ed un'altra in modalitá di accesso alla vlan20 verso l'altra porta del router.
Naturalmente sul 2901 sulla gi0/0 ho creato le subinterface per le vlan 10,30,99; mentre sulla gi0/1 ho semplicemente configurato l'indirizzo della subnet della vlan 20.
Ora arriviamo ai problemi, i terminali sulle stesse vlan si vedono e pingano tranquillamente, dalla vlan 30 pingo e vedo la vlan 10, e sempre da essa riesco a pingare tutte le interface e subinterface del router. Il problema é che non riesco assolutamente ad entrare nella vlan 20, e la cosa mi sembra alquanto assurda...
Mi sembra di perdermi in un bicchier d'acqua, ma qualche lume in più da chi esperienza ne ha da vendere sarebbe ben accetta...
Inter-vlan routing con cisco 2901 e 2 gigabit ethernet
Moderatore: Federico.Lagni
-
- Cisco fan
- Messaggi: 41
- Iscritto il: mar 08 gen , 2013 11:22 am
Ho pensato che possa servire una rotta statica tra una porta e l'altra dello stesso router, anche se mi sembra illogico visto che sono parte dello stesso apparato... Credo più in un errore di configurazione...
Vi posterò le conf al più presto...
Vi posterò le conf al più presto...
-
- Cisco fan
- Messaggi: 41
- Iscritto il: mar 08 gen , 2013 11:22 am
CONFIG ROUTER 2901
CONFIG SWITCH 2960S
Codice: Seleziona tutto
Router#sh run
Building configuration...
Current configuration : 5150 bytes
!
! Last configuration change at 07:12:00 UTC Tue Apr 15 2014 by vincenzo
!
version 15.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
no aaa new-model
!
!
!
!
!
!
!
ip domain name yourdomain.com
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
crypto pki trustpoint TP-self-signed-672430249
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-672430249
revocation-check none
rsakeypair TP-self-signed-672430249
!
!
crypto pki certificate chain TP-self-signed-672430249
certificate self-signed 01
30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 36373234 33303234 39301E17 0D313430 32313830 38313235
385A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3637 32343330
32343930 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
A52AED0E FDA27577 2BA0104C 3350AAFC 9CDBF77B 6B07CD17 BC3C07D3 58D5E5FC
163617E0 FBF2B239 6EFB17CC D79FBB2A 1E13C468 FA24DED4 B661EF52 F1AD23E5
D91BDECD EF35F315 DAE48DAA C10D23D3 AAECEA66 7D0008AD 00EBAEA6 8587A7E9
F569D19A D9A180D8 348403AF 9F7808F2 C9BE9FA6 0C028D2B 48B6B889 E011FB39
02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D
23041830 1680142B EB797E1E 59446F52 0CE93A76 A1787160 62FEB230 1D060355
1D0E0416 04142BEB 797E1E59 446F520C E93A76A1 78716062 FEB2300D 06092A86
4886F70D 01010505 00038181 0032D0B5 15502C68 0711BA73 F8E17B74 476BB8B9
048524B1 B9E4A761 3660BD0C 9C8A4A66 31ACD296 918F1F88 F988DF87 C1E9BC6F
B4206921 8A0FD1EA 41672422 66222514 4B57AF6A 8872A59B BE8697AF CB39D7A2
070FF8DF BD9948F0 B317ABDD DF9BF34F 56EADD36 A8570B73 62CDB139 8C06AA3F
9DE7A647 9C053D4A B9E126DA EB
quit
license udi pid CISCO2901/K9 sn FCZ1808C0X8
!
!
username vincenzo privilege 15 secret 5 $1$9Vut$yPCMnUD01fYxXolVaYiVg/
!
redundancy
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Embedded-Service-Engine0/0
no ip address
shutdown
!
interface GigabitEthernet0/0
no ip address
duplex auto
speed auto
!
interface GigabitEthernet0/0.10
encapsulation dot1Q 10
ip address 192.168.10.1 255.255.255.0
!
interface GigabitEthernet0/0.30
encapsulation dot1Q 30
ip address 192.168.30.1 255.255.255.0
!
interface GigabitEthernet0/0.99
encapsulation dot1Q 99 native
ip address 192.168.99.1 255.255.255.0
!
interface GigabitEthernet0/1
ip address 192.168.20.1 255.255.255.0
duplex auto
speed auto
vlan-id dot1q 20
exit-vlan-config
!
!
ip default-gateway 192.168.99.1
no ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
!
!
!
!
!
control-plane
!
!
banner exec ^C
% Password expiration warning.
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you want to
use.
-----------------------------------------------------------------------
^C
banner login ^C
-----------------------------------------------------------------------
Cisco Configuration Professional (Cisco CP) is installed on this device.
This feature requires the one-time use of the username "cisco" with the
password "cisco". These default credentials have a privilege level of 15.
YOU MUST USE CISCO CP or the CISCO IOS CLI TO CHANGE THESE PUBLICLY-KNOWN
CREDENTIALS
Here are the Cisco IOS commands.
username <myuser> privilege 15 secret 0 <mypassword>
no username cisco
Replace <myuser> and <mypassword> with the username and password you want
to use.
IF YOU DO NOT CHANGE THE PUBLICLY-KNOWN CREDENTIALS, YOU WILL NOT BE ABLE
TO LOG INTO THE DEVICE AGAIN AFTER YOU HAVE LOGGED OFF.
For more information about Cisco CP please follow the instructions in the
QUICK START GUIDE for your router or go to http://www.cisco.com/go/ciscocp
-----------------------------------------------------------------------
^C
!
line con 0
login local
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport output pad telnet rlogin lapb-ta mop udptn v120 ssh
stopbits 1
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet ssh
!
scheduler allocate 20000 1000
!
end
Codice: Seleziona tutto
Switch#sh run
Building configuration...
Current configuration : 5576 bytes
!
! Last configuration change at 01:29:12 UTC Wed Mar 30 2011
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Switch
!
boot-start-marker
boot-end-marker
!
no logging console
enable secret 5 $1$v.0F$eJpmr5tRXHvQlKEoQbwXW1
!
username utente privilege 15 password 7 101F5B4A5142
no aaa new-model
switch 1 provision ws-c2960s-24ps-l
!
!
ip domain-name switch.quattromini
ip device tracking
!
!
crypto pki trustpoint TP-self-signed-2251700352
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2251700352
revocation-check none
rsakeypair TP-self-signed-2251700352
!
!
crypto pki certificate chain TP-self-signed-2251700352
certificate self-signed 01
3082023F 308201A8 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32323531 37303033 3532301E 170D3933 30333031 30303032
33375A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 32353137
30303335 3230819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100EBAF 9A8E20EE DC90A806 29FB0194 06126E79 AEE07D0F 6C0FE974 52F972C8
60EA7EC9 1900931D 50AEAF1C 23A39474 E963C0F7 B09B33A6 F4FB3C43 87615C75
DA904579 544CAAB3 86D8D06A F93A5477 EBB020C5 3D814309 418104C6 CCDC28DC
299089C5 1FA67F1D CCA51671 4395F8A1 0DDC10B1 BE7C02CA 0D7FF8C1 CD3C5B94
076F0203 010001A3 67306530 0F060355 1D130101 FF040530 030101FF 30120603
551D1104 0B300982 07537769 7463682E 301F0603 551D2304 18301680 149F1C65
9090034A A83B440B FBD8B738 6747080C 99301D06 03551D0E 04160414 9F1C6590
90034AA8 3B440BFB D8B73867 47080C99 300D0609 2A864886 F70D0101 04050003
818100B3 E3D199C7 77AAA28A FA08C606 FD8421FE 1F50763B 0C3EBB17 263BB0EA
D8B18F37 0541F5F3 3C1D51BC 756E870E E37CF4A5 FBB558CC B08C98EC 57996318
34FBCE4F A03B9143 C5AD392C D7B2788E BB6CD8A4 1E066C94 98CB716C 0CE9C30C
1932D77F DF6B1335 6BF3C6BA F8EC6321 BC915FAB 01646C72 D269F24F D5E4D601 09089E
quit
spanning-tree mode pvst
spanning-tree extend system-id
!
!
!
!
!
!
!
!
!
vlan internal allocation policy ascending
!
ip ssh authentication-retries 5
ip ssh version 2
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
no ip address
!
interface GigabitEthernet1/0/1
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/2
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/4
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/5
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/6
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/7
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/8
description Modulo Scenari BTicino MH200N (domotica)
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/9
description Touch Screen BTicino (domotica)
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/10
description Web Server BTicino F454 (domotica)
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/11
description Presa n.1 (ingresso 2 nicchia)
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/12
description Presa n.2 (ingresso 2 nicchia)
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/13
description Presa n.3 (ingresso 2)
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/14
description Presa n.4 (ingresso 1)
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/15
description Presa n.5 (ingresso 1)
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/16
description Presa n.6 (seminterrato)
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/17
description Presa n.7 (seminterrato)
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/18
description Presa n.8 (antibagno)
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/20
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/21
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/22
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/23
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/24
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface Vlan1
no ip address
!
interface Vlan10
description RETE PER LA DOMOTICA
no ip address
!
interface Vlan20
description RETE PER LA VIDEOSORVEGLIANZA
no ip address
!
interface Vlan30
description RETE PRIVATA AZIENDALE
no ip address
!
interface Vlan99
description RETE DI GESTIONE
ip address 192.168.99.2 255.255.255.0
!
ip default-gateway 192.168.99.1
ip http server
ip http authentication local
ip http secure-server
!
!
!
!
!
line con 0
password 7 01100F175804
login
line vty 0 4
password 7 01100F175804
login local
monitor
transport input ssh
line vty 5 15
login
!
end