05-19-2019 12:45 AM
I'm pretty new to switches and I've recently purchased a Catalyst 2960s. Although I'm aware this is an L2 switch, I'm pretty sure I can connect several devices to the internet using it (16 I believe, one for each SVI). I'm a few days into attempting this. From how I understand it, I need to create a VLAN and assign a port to it, then create an SVI, which is Level 3 by assigning an IP address to the VLAN. Then, I need to to IP routing (not sure how).
Any help here would be appreciated. I've been playing in the CLI for a few days, Googling just about everything, but no luck yet. Thanks in advance.
05-19-2019 01:23 AM
Not sure what IP routing you looking here.
If you created an L3 interface with ip routing enabled, inside switch L3 interface able to communcate each other.
If you like to default route to your uplink side, then you can add below command
ip route 0.0.0.0 0.0.0.0 x.x.x.x ( x.x.x.x is your uplink route)
or if that not what you looking then - best to suggest to give post your configuration and exaplain more what routing you looking to add
05-19-2019 12:50 PM
05-19-2019 02:17 AM
in addition to enable ip routing in global config you may need to change the SDM template.
see the following thread
Hope to help
05-19-2019 12:46 PM
05-19-2019 01:38 PM
in this case we would like to see your complete configuration.
05-20-2019 12:35 PM
Okay, however I've just been playing around with it so I don't think any part of the config is indicative of the problem.
Switch#show running-config Building configuration... Current configuration : 3596 bytes ! ! Last configuration change at 22:48:24 UTC Sun Jan 1 2006 ! version 15.2 no service pad service timestamps debug datetime msec service timestamps log datetime msec no service password-encryption ! hostname Switch ! boot-start-marker boot-end-marker ! enable secret 5 $1$joUk$rodinZKNW5JzEuxLe/5QT0 ! no aaa new-model clock timezone UTC -5 0 clock summer-time UTC recurring switch 1 provision ws-c2960s-24ts-l ip routing ! ! ! ! ! ! ! ! ! crypto pki trustpoint TP-self-signed-508573952 enrollment selfsigned subject-name cn=IOS-Self-Signed-Certificate-508573952 revocation-check none rsakeypair TP-self-signed-508573952 ! ! crypto pki certificate chain TP-self-signed-508573952 certificate self-signed 01 30820229 30820192 A0030201 02020101 300D0609 2A864886 F70D0101 05050030 30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274 69666963 6174652D 35303835 37333935 32301E17 0D303630 31303230 30303035 325A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F 532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3530 38353733 39353230 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100 F2E5E526 7A3D964F 73C8CC43 DF602213 B2BF8A30 7AF958D6 7CE80727 87118A51 CAA3F7A7 23080592 F21B0FAB 62B62766 BD8FE0EE 4002E03A FA2762A0 C6806EF8 B5ED5AAF 204171B4 DA860804 CEF65ECF 3E3F0945 74C4ED9F 8D5D1EAA F0A3A410 90E48627 2ABE531D 315DCEF4 5918CCDE E11E0EA2 F866C9F7 7AD2F4E1 F797C3DB 02030100 01A35330 51300F06 03551D13 0101FF04 05300301 01FF301F 0603551D 23041830 16801420 54FB2156 41E8F596 BA8FAE17 7299C7F6 C70D8330 1D060355 1D0E0416 04142054 FB215641 E8F596BA 8FAE1772 99C7F6C7 0D83300D 06092A86 4886F70D 01010505 00038181 009EE424 F1AE4DFA 21C646AF 4CBF67CE 6E0306E2 EA632354 7095DC1E 6BBC689B D0B41949 225200ED 41043889 6402025C E74F918E 990F6C07 56992332 A73830B8 E4C312AC 92FF1644 522CE7F3 082DD0C0 E9DD1981 65BD28A5 FDDDE75C 39393399 8075123C D67C1AC9 9BFA4A1D 7F70AA24 4ADDE48B 436DDEFA 63093ED8 AE5407AC 4A quit spanning-tree mode pvst spanning-tree extend system-id ! ! ! ! vlan internal allocation policy ascending ! ! ! ! ! ! ! ! ! ! ! interface FastEthernet0 no ip address no ip route-cache ! interface GigabitEthernet1/0/1 ! interface GigabitEthernet1/0/2 ! interface GigabitEthernet1/0/3 ! interface GigabitEthernet1/0/4 ! interface GigabitEthernet1/0/5 ! interface GigabitEthernet1/0/6 ! interface GigabitEthernet1/0/7 ! interface GigabitEthernet1/0/8 ! interface GigabitEthernet1/0/9 ! interface GigabitEthernet1/0/10 ! interface GigabitEthernet1/0/11 ! interface GigabitEthernet1/0/12 ! interface GigabitEthernet1/0/13 switchport access vlan 13 switchport mode trunk ! interface GigabitEthernet1/0/14 switchport access vlan 14 switchport mode access ! interface GigabitEthernet1/0/15 ! interface GigabitEthernet1/0/16 ! interface GigabitEthernet1/0/17 ! interface GigabitEthernet1/0/18 ! interface GigabitEthernet1/0/19 ! interface GigabitEthernet1/0/20 ! interface GigabitEthernet1/0/21 ! interface GigabitEthernet1/0/22 ! interface GigabitEthernet1/0/23 ! interface GigabitEthernet1/0/24 ! interface GigabitEthernet1/0/25 ! interface GigabitEthernet1/0/26 ! interface GigabitEthernet1/0/27 ! interface GigabitEthernet1/0/28 ! interface Vlan1 ip address 10.10.1.1 255.255.255.0 ! interface Vlan13 ip address 10.10.13.1 255.255.255.0 ! interface Vlan14 ip address 10.10.14.1 255.255.255.0 ! ip default-gateway 10.10.1.2 ip http server ip http secure-server ! ! ! ! line con 0 line vty 0 4 password 12345 login line vty 5 15 password 12345 login ! end
I have the line from the router plugged into g1/0/13 and at the moment I'm just trying to get internet to a computer on g1/0/14. Keep in mind I've tried all sorts of configs already.
Thanks again everyone for continuing to help me with this.
05-20-2019 01:11 PM
interface Vlan1 ip address 10.10.1.1 255.255.255.0 ! interface Vlan13 ip address 10.10.13.1 255.255.255.0 ! interface Vlan14 ip address 10.10.14.1 255.255.255.0
ip default-gateway 10.10.1.2 << -- this is need to point to your router IP uplink
example : ip route 0.0.0.0 0.0.0.0 10.10.13.x (X is your uplink router IP.
you need to have NAT configured on router for your local lan IP address range for both
10.10.14.X and 10.10.13.x - also you need to have route back from router to switch for the IP address range 10.10.14.x for the return traffic.
05-20-2019 04:46 PM
Okay, luckily the router is NAT capable. How would it look in the settings? This is what it looks like now:
Is the gateway the router or the switch in this case?
With 192.168.1.2 I tried to ping this from the switch but it is unreachable.
Also, should the switch's IP be in the same subnet as the router? Thanks again.
05-21-2019 12:29 AM
add more static routes as suggested other post.
05-19-2019 07:55 AM
05-19-2019 12:57 PM
05-20-2019 11:22 AM
05-20-2019 12:41 PM
05-22-2019 01:52 PM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: