So I have been tasked with segmenting the traffic at our corporate site. To do this I need to create the VLANs on the switches and then create trunk links. No problem, right?
Well the issue is *not* that we have multiple vendors switches, but that one particular switch does not have a full fledged CLI. Therefore, you cannot create VLANs or a trunk link using the CLI. You have to use the web GUI interface, which means it needs to be assigned an IP. Furthermore, the web GUI operates on the default VLAN (VLAN 1) and despite changing the management VLAN to another, you cannot access the web frontend without VLAN 1 having an IP address…
Nonetheless, here is the quick and dirty setup:
Cisco 3560 (w/ IPServices) <–> 3com 4210 <–> Cisco 3548XL or 3com 2250
Creating the trunk links from the 3560 to 4210 and from the 4210 to the 3548XL is not a problem at all. This is all done using the CLI and works marvelously.
Nonetheless, we have some spares, so I put together a lab. In the end I had to follow these steps:
1) Browse to the IP of the 2250
2) On the left click Device > VLAN
3) Create the VLANs (keep in mind VLAN 1 needs to stay as the Management VLAN)
4) Click “Modify Port” tab
5) Select the port that is not currently the Uplink port
6) Select “Untagged” and choose VLAN 1; click Apply
7) Select “Tagged” and choose all other VLANs; click Apply
Now on the 4210:
1) Console into the switch (19200,8,N,1)
2) Select the port to uplink the 2250
3) port link-type trunk
4) port trunk pvid vlan $mgmtVLAN
5) port trunk permit vlan $permitedVLANs
6) stp edged-port disable
Now connect the to uplink ports together and the trunk should be formed. Although it seems simple enough, it took some time to figure it out properly.
Furthermore, learn from my mistake: assign the 2250 a static IP (no gateway), assign the LAN interface of your laptop in the same range (no gateway), plug your laptop into the 2250 and browse to the 2250 static IP.
I had to constantly disconnect and reconnect the uplink port to an access port, so that my laptop could connect to the 2250’s IP. This was very inefficient and made it take a lot longer needed to get this figured out.