MX105 Setting Up VLANs

SOLVED
akehn
Here to help

MX105 Setting Up VLANs

Hello,

I am new to Meraki and VLANs. I just setup the following devices below. I have the MX105 LAN 5 port going to my MS250-48FP and then the MS250 to the MS125, and then from that MS125 to the other MS125. So there all connected.

 

Security & SD-WAN (Dashboard)

Addressing & VLANs  > Routing > and then made the 4 VLANs that I need.

 

Switch (Dashboard)

Switches > all 3 switches I picked a port edited the Native VLAN and Allowed VLANs to just the one I wanted, saved it and it worked. I could not access the other VLANs which is good.

 

Did I do that correctly? That seemed way to easy...

 

Lets say I want a computer to access a device on another VLAN. How do I do that? I tried the obvious and add both VLANs on the (Port --> Allowed VLANs) but that didn't work. Neither still see each other.

 

Device List

MX105

MS250-48FP

MS125-24P

MS125-24P

 

 

Thanks again.

1 ACCEPTED SOLUTION
DHAnderson
Head in the Cloud

@akehn 

 

No, you do not have to plug all switches into the MX.

 

Each switch should have an up-link defined.  I typically use port last port on a switch (24  on a 24 port switch, or 28 if using SPF) as the up-link from the previous device in the chain.  I use port 23 (or 27 if using SPF) for the up-link to the next device in the chain.  On each of those ports, I set them to Trunk Ports and set the Allowed VLANs to what I need.  Keep in mind that each port connected to another port via a patch cable need to have the same VLANs definition.

 

View solution in original post

8 REPLIES 8
Bruce
Kind of a big deal

You need trunk ports between all the devices, and to allow the VLANs on the trunk ports - which it sounds as if you’ve already done. Then every VLAN needs a gateway (Layer 3 interface - I.e. an IP address). On the MX, where you created your first VLAN, you’ll also need to create the new one, and that will walk you through creating the Layer 3 interface. The Layer 3 interfaces will then pass the traffic between the VLANs.

Not sure i understand. I did create all my VLANs. Is that what you meant by i need to create a new one? Here is my setup.

 

VLANs

Screen Shot 2021-09-22 at 3.33.04 PM.png

 

Switch 2 - Port 7

Screen Shot 2021-09-22 at 3.39.19 PM.png

 

Switch 3 - Port 12

Screen Shot 2021-09-22 at 3.46.37 PM.png

 

I added both VLANs on the (Allowed VLANs) for both ports. Neither still, see each other. What am I missing or not doing?

 

Thanks

DHAnderson
Head in the Cloud

Doe the VLAN IDs on the MX ports match what the switch uplink ports are set to?

Hello,

Sorry, I am very new to VLANs. I know what you mean by the VLAN IDs but the switch uplink ports you mean the ports going from my MX105 to MS250, to MS125 to MS125?

 

Just wanted to verify. If so each of those ports is set as the picture below.

 

Native VLAN - 1

Allowed VLANs - all   (This is set to all so should see all VLANs correct?)

 

Screen Shot 2021-09-22 at 7.52.39 PM.png

DHAnderson
Head in the Cloud

@akehn 

 

Any connection from MX to MS, or MS to MS or MS to MR is considered an uplink.  

 

The switch port settings on the MX are on Security & SD-WAN -> Addressing & VLANs -> Per-port VLAN Settings

 

Both connections for an uplink should have the same VLAN IDs.

 

-Dave

 

 

Ok, that helps a bit. More questions 🙂 Below is a picture of the Per-Port VLAN Settings. 

 

Are the Pre-port VLAN Settings the physical ports (5-10) that are on the MX105 switch? Do I need to plug each switch into those?

 

Screen Shot 2021-09-22 at 8.36.43 PM.png

 

DHAnderson
Head in the Cloud

@akehn 

 

No, you do not have to plug all switches into the MX.

 

Each switch should have an up-link defined.  I typically use port last port on a switch (24  on a 24 port switch, or 28 if using SPF) as the up-link from the previous device in the chain.  I use port 23 (or 27 if using SPF) for the up-link to the next device in the chain.  On each of those ports, I set them to Trunk Ports and set the Allowed VLANs to what I need.  Keep in mind that each port connected to another port via a patch cable need to have the same VLANs definition.

 

View solution in original post

Bruce
Kind of a big deal

Yes, the per-port VLAN settings are the settings on each port on the MX105. As you can see all the MX ports are set as trunks (so they carry multiple VLANs), with a Native VLAN of 1, and all VLANs allowed. To get you up and running these are the same settings that you should use on all the connections between MX and MS, MS and MS, and MS and MR.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels