Solved: Re: Can't Ping from Sub interface of RTR to Access Port on SW but I can ping end points from the SW.

Smorgan · ‎01-24-2020

I have a Cisco 2911 RTR Sub-Interface

Interface 0/0.100

description "Direct Connect to AWS "
encapsulation dot1Q 100
ip address X.X.254.4 255.255.255.240

Directly connected to a Cisco 3650

Interface 1/0/23

description AWS Connect
switchport access vlan 100
switchport mode access
speed 1000
duplex full

Interface Vlan 100

IP Address X.X.254.13 0.0.0.15

Interface Vlan 9

IP Address X.X.9.1

End Point in AWS X.X.254.1

With this configuration I can ping from the switch to the 254.1 end point without issue but I can not ping the RTR.

From the RTR I can not ping either the .13 address nor the .1 but I can ping the 9.1 interface. I have a feeling it has to do with routing but Im not sure where to start. Can someone please point me in the right direction?

Muhammad Awais Khan · ‎01-24-2020

Hi,

On switch interface connected to Router, make it trunk port instead of Access. Reason behind is that on Router you have created sub interface with vlan encapsulation 100. We should have also tagged/trunk interface on switch side.

Interface 1/0/23

description AWS Connect
No switchport access vlan 100
No switchport mode access

Switchport mode trunk

Switchport trunk allowed vlan 100
speed 1000
duplex full

You can add more VLANS on above switch interface if you create more subinterfaces on Router side. You need to use "switchport trunk allowed vlan add " whenever you add mode vlan on above interface.

View solution in original post

Muhammad Awais Khan · ‎01-24-2020

Hi,

On switch interface connected to Router, make it trunk port instead of Access. Reason behind is that on Router you have created sub interface with vlan encapsulation 100. We should have also tagged/trunk interface on switch side.

Interface 1/0/23

description AWS Connect
No switchport access vlan 100
No switchport mode access

Switchport mode trunk

Switchport trunk allowed vlan 100
speed 1000
duplex full

You can add more VLANS on above switch interface if you create more subinterfaces on Router side. You need to use "switchport trunk allowed vlan add " whenever you add mode vlan on above interface.

Muhammad Awais Khan · ‎01-25-2020

Or if you don't have any intention add more sub interfaces then you can simplify your configuration by keep the same config on the switch what you have already done.

On Router, delete the sub-interface using " no Interface 0/0.100"

And assign the same IP on Gi 0/0

Interface gi0/0

ip address X.X.254.4 255.255.255.240

Georg Pauwen · ‎01-25-2020

Hello,

if you are using a subinterface on the router connected to an access port on the switch, you likely need to add the 'native' keyword:

interface 0/0.100

description "Direct Connect to AWS "
encapsulation dot1Q 100 native
ip address X.X.254.4 255.255.255.240

paul driver · ‎01-25-2020

Hello

I notice you have multiple L3 addressing on the switch vlan 9, vlan 100 So I would say you wouldn't require sub-interfaces on the rtr, as either the rtr or the switch would provide the L3 inter-vlan routing, So if the switch is providing this then the rtr lan facing interface can be just be an standard port, Also is the rtr it will need to be aware of all the other L3 networks on the switch, does it have route(s) for them?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul