cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2294
Views
15
Helpful
10
Replies

3750 routing question. Please help

IvanZabaluyev
Level 1
Level 1

Dear community,

 

I am a newbie at Cisco, working on getting my CCNA, and I am trying to make my LAB 3750 switch to work for me at my home network configuration.

I have 2 Vlans.

I configured Vlan interfaces,

Port configuration:

G1/0/1 - connected to the cable modem. IP address DHCP.

G1/0/2 - connected to WiFi Router to make wifi separate

Ip address 10.0.30.1/24

G1/0/3-12 VLAN 10, DANTE network

Interface VLAN 10:

10.0.10.1 /24

 

G1/0/13-24 - VLAN 20, Home Ethernet.

Interface VLAN 20:

10.0.20.1 /24

 

IP Routing enabled.   

 

Ping is working nice between devices in VLANs.

And ping working nice from the devices in VLANs and Gi1/0/1 DHCP gained address.

Ping working fine from the switch to the external world. 

!!! But when I am trying to ping the world address from the Vlan interface on the switch, - success rate is 0

 

Here is conf:

 

Current configuration : 4829 bytes

!

version 12.2

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname Zaba_SW1

!

boot-start-marker

boot-end-marker

 

! EN secret and password data deleted !

 

no aaa new-model

switch 1 provision ws-c3750g-24ts-1u

system mtu routing 1500

vtp mode off

ip routing

ip domain-name ZABANET

ip dhcp excluded-address 10.0.10.1

ip dhcp excluded-address 10.0.20.1

ip dhcp excluded-address 10.0.30.1

!

ip dhcp pool DANTE

   network 10.0.10.0 255.255.255.0

   dns-server 68.111.106.68 208.67.222.222 208.67.220.220 8.8.8.8 4.4.4.4 

   default-router 10.0.10.1 

!

ip dhcp pool Ethernet_Home

   network 10.0.20.0 255.255.255.0

   dns-server 68.111.106.68 208.67.222.222 208.67.220.220 8.8.8.8 4.4.4.4 

   default-router 10.0.20.1 

!

ip dhcp pool Google_WiFi

   network 10.0.30.0 255.255.255.0

   dns-server 68.111.106.68 208.67.222.222 208.67.220.220 8.8.8.8 4.4.4.4 

   default-router 10.0.30.1 

!

!

!

!         

! SSH configuration part deleted!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

vlan 10

 name DANTE

!

vlan 20

 name Ethernet_Home

!

ip ssh version 1

!

!         

interface GigabitEthernet1/0/1

 no switchport

 ip address dhcp

!

interface GigabitEthernet1/0/2

 description GoogleWiFi

 no switchport

 ip address 10.0.30.1 255.255.255.0

!

interface GigabitEthernet1/0/3

 switchport access vlan 10

!

interface GigabitEthernet1/0/4

 switchport access vlan 10

!

interface GigabitEthernet1/0/5

 switchport access vlan 10

!

interface GigabitEthernet1/0/6

 switchport access vlan 10

!

interface GigabitEthernet1/0/7

 switchport access vlan 10

!

interface GigabitEthernet1/0/8

 switchport access vlan 10

!

interface GigabitEthernet1/0/9

 switchport access vlan 10

!

interface GigabitEthernet1/0/10

 switchport access vlan 10

!

interface GigabitEthernet1/0/11

 switchport access vlan 10

!

interface GigabitEthernet1/0/12

 switchport access vlan 10

!

interface GigabitEthernet1/0/13

 switchport access vlan 20

!

interface GigabitEthernet1/0/14

 switchport access vlan 20

!

interface GigabitEthernet1/0/15

 switchport access vlan 20

!

interface GigabitEthernet1/0/16

 switchport access vlan 20

!

interface GigabitEthernet1/0/17

 switchport access vlan 20

!

interface GigabitEthernet1/0/18

 switchport access vlan 20

!

interface GigabitEthernet1/0/19

 switchport access vlan 20

!

interface GigabitEthernet1/0/20

 switchport access vlan 20

!

interface GigabitEthernet1/0/21

 switchport access vlan 20

!

interface GigabitEthernet1/0/22

 switchport access vlan 20

!         

interface GigabitEthernet1/0/23

 switchport access vlan 20

!

interface GigabitEthernet1/0/24

 switchport access vlan 20

!

interface GigabitEthernet1/0/25

!

interface GigabitEthernet1/0/26

!

interface GigabitEthernet1/0/27

!

interface GigabitEthernet1/0/28

!

interface Vlan1

 no ip address

!

interface Vlan10

 ip address 10.0.10.1 255.255.255.0

!

interface Vlan20

 ip address 10.0.20.1 255.255.255.0

!         

ip classless

ip http server

ip http secure-server

!

!

vstack

!

line con 0

line vty 0 4

 login local

 transport input ssh

line vty 5 15

 login local

 transport input ssh

!

end 

 

 

__________________________________________

Zaba_SW1# sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route

 

Gateway of last resort is 68.5.24.1 to network 0.0.0.0

 

     68.0.0.0/21 is subnetted, 1 subnets

C       68.5.24.0 is directly connected, GigabitEthernet1/0/1

     10.0.0.0/24 is subnetted, 2 subnets

C       10.0.30.0 is directly connected, GigabitEthernet1/0/2

C       10.0.20.0 is directly connected, Vlan20

S*   0.0.0.0/0 [254/0] via 68.5.24.1

 

__________________________________________

 

Please help.

 

Thank you for your attention.

 

1 Accepted Solution

Accepted Solutions

Ivan

 

You are quite correct that a real router with NAT will solve this problem, will provide Internet connectivity, and would have other features that you might find useful.

HTH

Rick

View solution in original post

10 Replies 10

luckymike33
Level 1
Level 1

Hi Ivan, 

 

I did not see any mention anywhere of a route back to those subnets you created, being configured on your cable modem?

Mike 

Thank you Mike for your reply.

I have a Motorola cable modem with no configuration through the web interface. It is accessible via the web interface by address 192.168.100.1

There is no routing configuration inside. This part is a total dark matter for me. The modem accessible with 192.168.100.1 address, and it is connected to port g1/0/1, that received address 68.5.24.49/21 by DHCP from the modem. and when I am logging to the web interface of the modem by address 192.168.100.1, the system reports that my IP address is: 10.71.31.19. 

 

If you mean routing configuration inside the switch, please be more specific. A far as I understand I have SVIs for VLANs, that show IP route reported as directly connected, I have directly connected network 68.0.0.0/21 that is connected to the internet, 

As I said before I can ping internet from the switch, but when I am trying to ping from the 10.0.20.1 to the internet I have 0 success. 

Thank you again for your reply. But I really don't get it. If you have some time, please point me to my mistake. 

 

Thank you

The main issue here is that your switch is using "private" IP addressing. To access resources in the public Internet you need address translation. Unfortunately your switch does not support configuration of address translation. If there is a way to get address translation on the cable modem your network would work. But without address translation it will not.

HTH

Rick

Thank you, Richard, so much for the detailed explanation. I gonna look for another solution with NAT. 

 

Best Regards. 

Ivan. 

Hello,

 

what type/model is your Motorola cable modem (e.g. MG 7550) ?

Hello George,

It is MB7621

 

Thank you. 

Hello,

 

I checked the user guide for the MB7621, not much you can configure unfortunately. They are talking about reserved guest networks for other types, you could try if these guest networks also work on the MB7621, that is, change your DHCP pools and make them use these guest networks. e.g.:

 

ip dhcp pool Ethernet_Home

network 192.168.1.0 255.255.255.0

!

ip dhcp pool Google_WiFi

network 192.168.2.0 255.255.255.0

 

 

--> The MG7550 and MG7540 reserve subnets 192.168.1.x & 192.168.2.x, and 192.168.21.x & 192.168.22.x for Guest networks. These reservations cannot be changed.

The MG7310 and MG7315 reserve subnets 192.168.1.x through 192.168.7.x for Guest networks. These reservations cannot be changed.

Thanks, George

 

I will try to make it tomorrow, but I feel, that I probably need to use a real router, with NAT, and additional features. 

Thank you.

Best Regards,

 

Ivan 

Ivan

 

You are quite correct that a real router with NAT will solve this problem, will provide Internet connectivity, and would have other features that you might find useful.

HTH

Rick

Ivan

 

This has been an interesting discussion and it involves an issue that comes up frequently when discussing access to Internet from private networks. I am glad that our explanations and suggestions have been helpful. Thank you for marking this question as solved. This will help other participants in the community to identify discussions which have helpful information. This community is an excellent place to ask questions and to learn about networking. I hope to see you continue to be active in the community.

HTH

Rick