cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
656
Views
9
Helpful
8
Replies

router on vlan problem

erick.friedman
Level 1
Level 1

hi there, in a nutshell I have implemented vlans on a cisco switch network. the core 3550 switch can see all vlans, vlans devices can see each other beautifully. The problem is the original 2600 router with an IP of 10.147.8.1 can only be seen by devices in the 10.147.8.2 vlan I created or by the core switch. The other switches and devices in other vlans can not ping the 2600.

Is there a router setting that needs to be made to point to the new 10.147.8.2 vlan, similar to the default gateway the other vlan devices need to have set?

Thanks!

8 Replies 8

devang_etcom
Level 7
Level 7

hi erick...

first of all tell me hows your router connected to the switch... router is connected with switch using layer 2 port or using layer 3 port...as you explained each and every vlan on switch can communicate with each other that means you had confiuger intervlan routing... and have you configure routing protocol or any static router to see all other routes...?

rate this post if it helps

regards

Devang

the router is connected to a port on a 2950G switch

I assume this is a lyer 3 switch?,

which is configured for access to Vlan10 10.147.8.2

The route I have configured on the 3550 is as follows

ip route 0.0.0.0 0.0.0.0 10.147.8.1 (2600 router)

thanks for the fast response, wow

first of all 2950 is not layer 3 switch so different VLAN on the same switch will not communicate with each other as you are not able to configure the intervlan routing on it so you have to use router for intervlan routing or have to use 3550 ... now its having complexity with some connectivity can you explain connectivity in detail...

rate all helpful post

regards

Devang

ok

I have a core switch 3550 with ip of 10.147.30.1

I have 3 4948 IP's 10.147.30.2-10.147.30.5

I have a 2960G with IP of 10.147.30.6

All of these switches connect back to the 3550 via fiber ports that are set to trunk at the same encapsualtion. I have vlans configured on the 3550

Vlan 10 10.147.8.2

Vlan 3 10.147.24.1

On each switch, I have assigned the appropriate ethernet ports to the appropriate vlans

For example on switch 4948, 10.147.30.2 ethernet port0/2 is assinged to vlan 3

On the 2960G switch ports 2and 3 are assigned to vlan 10

A laptop on the 2960G port 2 (vlan 10)can ping all switches, all vlans and the router on the same vlan in port 3, it can also ping a laptop on vlan 3 which is on another switch. In order for this to work I had to set the default gateway of this laptop to the vlan it resdies on 10.147.8.2

However the router (2600) ip address 10.147.8.1 on vlan 10 , 10.147.8.2 can only be pinged by one switch, the 3550 and the laptop on the same vlan.

each switch has a default gateway of the 3550 which is 10.147.30.1

all intervlan routing seems to be working except for the router device.

the only route I have configured is on the 3550 which is 0.0.0.0 0.0.0.0 10.147.8.1

I have the 3550 default gateway set to itself 10.147.30.1 I have a default network command of 10.0.0.0

ip routing is enabled

I will try to get you the actual configs as it is at the customers site.

The switch is actaully a 2960g not a 2950g sorry for the mistype

hostname VEC_MAIN

!

enable secret xxx

enable password ***********

!

no aaa new-model

switch 1 provision ws-c3750g-12s

vtp interface 10.147.30.1

ip subnet-zero

ip routing

!

!

mls qos map cos-dscp 0 8 16 26 32 46 46 56

meyner22 says:

!

!

no file verify auto

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

interface GigabitEthernet1/0/1

switchport trunk encapsulation dot1q

switchport mode trunk

!

interface GigabitEthernet1/0/2

switchport trunk encapsulation dot1q

switchport mode trunk

macro description cisco-switch

auto qos voip trust

spanning-tree link-type point-to-point

!

interface GigabitEthernet1/0/3

!

interface GigabitEthernet1/0/4

!

interface GigabitEthernet1/0/5

!

interface GigabitEthernet1/0/6

!

interface GigabitEthernet1/0/7

!

interface GigabitEthernet1/0/8

!

interface GigabitEthernet1/0/9

description IT2

switchport trunk encapsulation dot1q

switchport mode trunk

macro description cisco-switch

auto qos voip trust

spanning-tree link-type point-to-point

!

meyner22 says:

interface GigabitEthernet1/0/10

description IT1

switchport trunk encapsulation dot1q

switchport mode trunk

macro description cisco-switch

auto qos voip trust

spanning-tree link-type point-to-point

!

interface GigabitEthernet1/0/11

switchport trunk encapsulation dot1q

switchport mode trunk

macro description cisco-switch

auto qos voip trust

spanning-tree link-type point-to-point

!

interface GigabitEthernet1/0/12

!

interface Vlan1

ip address 10.147.30.1 255.255.255.0

!

interface Vlan3

ip address 10.147.24.1 255.255.255.0

!

interface Vlan4

ip address 10.147.31.1 255.255.255.0

!

interface Vlan5

ip address 10.147.9.2 255.255.255.0

!

interface Vlan10

ip address 10.147.8.2 255.255.255.0

!

router rip

network 10.0.0.0

meyner22 says:

!

ip default-gateway 10.147.30.1

ip classless

ip default-network 10.0.0.0

ip route 0.0.0.0 0.0.0.0 10.147.8.1

ip http server

!

!

control-plane

!

!

line con 0

line vty 0 4

password ********

no login

line vty 5 15

password ********

no login

!

as you said that... router 2600 and one Laptop in the asme vlan of 2960g... laptop can communicate with all other vlan on each and every switch but router can not... as your laptop can communicate then it means that your intervlan routing is working properly... so its looks starnge... then it may be problem of any acl ... just take a look for it...

regards

Devang

rate all help full post...

yeah i think its strange too. SInce there are no ACL's in place should I put a permit all ACL in there just to make sure?

I can get the laptop in that vlan to act the same way as the router if I change the gateway on the laptop to something other then the vlan IP. If I do that, only the core 3550 and devices in the same vlan can see it.

SO I thought there may be a setting or a route I needed to add to the route to broadcast onto the vlan IP.

Im lost on why one device works and the other doesnt.

thanks for your time

okay just let me know if you find any solution...

regards

Devang

rate all help full post

Dear Devang,

It seems that you have missed the reverse routes on the router so that router knows that 10.147.24.0 /24 (vlan3) subnet can be reached through vlan 10 (10.147.8.2).

Just add a route as ip route 10.147.24.0 255.255.255.0 10.147.8.2

This should solve the issue.

Do let me know if any issues...

Regards,

Ravikumar

Review Cisco Networking for a $25 gift card