Layer2-Switch(config)# interface fastethernet0/1 Layer2-Switch(config-vlan)# name ENGINEERING ! Create VLANs 10 and 20 in the switch database Let’s see a configuration snapshot for all switches below: Cisco L2 Switches (same configuration for both switches) Also, all interfaces connecting the three switches must be configured as Trunk Ports in order to allow Vlan10 and Vlan20 tagged frames to pass between switches. Traffic between Vlan10 and Vlan20 will be routed by the 元 Switch (InterVlan Routing). Similarly, hosts connected to Vlan20 on the closet switches will have address 10.20.20.20 as their default gateway. That is, hosts connected to Vlan10 on the closet L2 switches will have as default gateway the IP address 10.10.10.10. These two IP addresses will serve as the default gateway addresses for hosts belonging to Vlan10 and Vlan20 on the Layer2 switches respectively. On the Layer3 Switch, for Vlan10 we will create an SVI with IP address 10.10.10.10 and for Vlan20 an SVI with IP address 10.20.20.20. Of course you can expand this scenario with more Vlans and more Layer 2 switches as needed.
Two Vlans need to be created on the L2 and 元 switches, Vlan10 and Vlan20. Interface Fa0/48 of the Layer3 switch is configured as a Routed Port with IP address 10.0.0.1 and connected to ASA inside interface (10.0.0.2). See the diagram below to get the whole picture: This is a fairly popular network scenario that I have seen in many enterprise networks.
#Cisco 2950 switch layer 3 how to#
A similar scenario using the new Cisco Nexus switches is described in the article here.Īt the end of this article you will find also important routing configuration commands for the ASA and also how to use Access Control Lists (ACL) on the Layer 3 switch to control traffic (permit or deny) between VLANs at Layer3 level. The focus of this article is to show you how to configure the Layer2 and Layer3 switches to provide routing between VLANs using regular IOS based catalyst switches. A Routed Port will be configured between the Layer3 Switch and ASA internal interface to route packets towards the internet (via the ASA).
Moreover, a Cisco ASA firewall will provide Internet connectivity for all internal subnets. On this post I will describe a scenario with a Layer3 switch acting as “ Inter Vlan Routing” device together with two Layer2 switches acting as closet access switches. If you don’t have a Layer3 switch available, you can also configure InterVLAN routing using a simple Layer2 switch and a Router (also called Router-on-a-Stick). The above feature means that you can implement Layer 3 functionality in your network without using a regular router.
Moreover, you can configure also a Switch Virtual Interface ( SVI) with the “ interface vlan” command which acts as a virtual layer 3 interface on the Layer3 switch. That is, you can assign an IP address directly on the routed port. On a Layer3-capable switch, the port interfaces work as Layer 2 access ports by default, but you can also configure them as “ Routed Ports” which act as normal router interfaces. For example, some switch models that support layer 3 routing are the 3550, 3750, 3560 etc.
#Cisco 2950 switch layer 3 full#
UPDATED: 2020 – Cisco Catalyst switches equipped with the Enhanced Multilayer Image (EMI) can work as Layer 3 devices with full routing capabilities.