Configuring Vlan

MariaMaggio · ‎08-05-2005

Hello,

I've a problem with a Switch Catalyst 2950 and a Router 2620XM.

I had configured two Vlan in the switch with the following steps:

-Eth0/1 I've connected the router and I've enable trunk

-Eth0/3 is connected to internet but if I don't enable trunk I cannot navigate.

-ip default gateway 172.17.0.1

-ip nameserver 192.167.96.200

-I create Vlan 2 and I've allocated it at the interface fa0/9 to fa0/16

-I create Vlan 3 and I've allocated it at the interface fa0/17 to fa0/24

I had configured the router with the following steps:

-I've created the subinterface (fa0/0.1, fa0/0.2 and fa0/0.3), I've specified the encapsulation dot1q and Vlan for everyone

-I've enabled ip nat inside in the fa0/0.1 and fa 0/0.2

-I've enabled ip nat outside in the fa0/0.3

-I've defined the following access-list:

access-list 1 permit 192.168.18.1 0.0.0.255

access-list 1 permit 192.168.17.1 0.0.0.255

-In the global configure mode

ip nat pool OutAddress 172.17.0.139 172.17.0.139 netmask

255.255.255.128

ip nat inside source list 1 pool OutAddress overload

My problems are:

1)I cannot navigate

2)Hosts in the Vlan 2 and 3 cannot ping host in the Vlan 1

3)Router can ping only hosts on Vlan 2 and 3.

paddyxdoyle · ‎08-05-2005

Hi,

Is fa 0/0.3 the default gateway for VLAN1, have you applied this gateway address to your hosts on VLAN1, can you ping this interface from a host in VLAN1.

If VLAN 1 is trunked to the router, have you configured the subinterface for vlan 1 as the native VLAN?

# encapsulation dot1q 1 native

Can you post the configs of you router fa0/0 interface and the respective switch interface to which the router is connected.

I'm curious as to why are you NATing from VLANs 2 and 3 to VLAN 1

Rgds

PJD

MariaMaggio · ‎08-05-2005

No, fa0/0.3 isn't the default gateway.

Gateway is 172.17.0.1 and it's the gateway for the host on Vlan 1.

From a host on Vlan 1 i can ping 172.17.0.139.

The " encapsulation dot1q 1 nativ" command isn't present in the subinterface fa0/0.3, there is encapsulation dot1q 1 command.

Please help me

paddyxdoyle · ‎08-05-2005

Hi,

You mentioned 172.17.0.1 being the gateway for VLAN1, where is the default gateway on your diagram?

Can you ping hosts on VLAN2 & 3 from the default gateway, do you have routes to these networks from the default gateway. If you trace between VLANs 1 and 2/3, where does the trace fail?

PJD

MariaMaggio · ‎08-06-2005

Hi,

I'm sorry about confusion in my post but the problem is complex.

172.17.0.1 is the default gateway and it isn't present in my diagramm because I can't access to it.

I'm realizing this work in a university laboratory so I can't test the ping from gateway.

But if I do the following test :

- I connect a computer to the switch and assign to it the ip 172.17.0.1.

It can ping all hosts in my network.

If I trace between VLANs 1 and 2/3, the output of traceroute command tell : can't find interface!

But if I trace the route from hosts in the Vlan 2/3 it's success because they pass from router and then arrive to the host in Vlan 1.

Please excuse my English.

MariaMaggio · ‎08-06-2005

Hi,

In the attachments there is the new network configuration.

In this moment the situation is the following:

- Hosts, in the Vlan 2/3, can ping all

- Host, in the Vlan 4, can ping only 10.0.x.x

- Router can ping all

Now I want to realize multicast between this network and an address 10.1.1.x.

Can you think that all is ok?

Can you suggest me some implementetion?