This article will show how to setup a Cisco SG 300-20 switch to work on a home / office network.
First of all you need to change your System Mode to Layer 3.
To get to the Console, you can either use the provided serial cable and login with the default userid/pw, or by enabling SSH.
Choose System Mode
Choose Edit, then hit your space bar to toggle the Layer 2 over to Layer 3. Save that and reboot. Important – This will erase everything so backup or make notes
Once the system comes back browse over to the Web GUI interface.
Choose “VLAN Management / Create VLAN” and enter as many VLANs as you like.
After you create the VLANs, you need to setup the IPv4 Interfaces.
Choose “IP Configuration / IPv4 Interface” and add VLAN 2
Things should look like this
Now you want to Untag the Ports that will be included in your first VLAN.
Change your VLAN ID to 2 and hit GO.
Then untag the port that your first computer is connect to (GE20 in my case on VLAN 2)
Then under “Interface Settings” you need to change the port to Mode = Access for VLANs to work properly.
Choose GE20 and Edit
Finishing Touches (Routing)
I needed to add a route to my Router using the “IPv4 Static Routes” page.
And also a reverse route on my Router which is a DD-WRT.
And this is my routing table on my DD-WRT
7 comments
Skip to comment form
do you still need to assign ports to vlans?
Hi Dave,
I’m having a hard time understanding this
Forbidden
Excluded
Tagged
Untagged
basically if i’m setting the port as Trunk what shall I enter?.. if i’m setting the port as Access what should it be?
thank you
Author
From Cisco Admin Guide
Forbidden
—The interface is not allowed to join the VLAN even from GVRP
registration. When a port is not a member of any other VLAN, enabling this
option on the port makes the port part of internal VLAN 4095 (a reserved
VID).
•
Excluded
—The interface is currently not a member of the VLAN. This is the
default for all the ports and LAGs. The port can join the VLAN through GVRP
registration.
•
Tagged
—The interface is a tagged member of the VLAN.
•
Untagged
—The interface is an untagged member of the VLAN. Frames of
the VLAN are sent untagged to the interface VLAN.
•
Multicast TV VLAN
—The interface used for Digital TV using Multicast IP. The
port joins the VLAN with a VLAN tag of Multicast TV VLAN. See
Access Port
Multicast TV VLAN
for more information.
•
PVID
—Select to set the PVID of the interface to the VID of the VLAN. PVID is
a per-port setting
im having problem with this. i can’t play the intervlan. different vlan cannot ping to each other .huhu any help
Thanks malpass
Please help
I can’t able ping my gateway through my pc on vlan
My topology with SG300 as below
DSL Linksys router 192.168.1.1
Vlan 1 192.168.1.2
Vlan 10.192.168.10.2
Vlan 20.192.168.20.2
Static route
192.168.10.0 sub 255.255.255.0 gateway 192.168.1.2
Author
Probably the reverse route on your Linksys? Check you have both the forward and reverse.
Hi, can you explain why we need to put the switch in to layer 3 to enable vlans? Is the SG300 not capable of supporting vlans in layer 2 mode?