Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3209
Views
25
Helpful
15
Replies

cisco 2960 running two VLANs, can't route/get out of local networks (pfsense router)

Go to solution
cisco-newb
Level 1
Level 1

‎12-19-2019 06:14 PM - edited ‎12-20-2019 05:44 AM

I have a 2960 switch with 'ip routing' enabled, I did run 'sdm prefer lanbase-routing' followed by a copy run start and a reload. IP Routing is enabled. Here is the setup:

 

pfsense router

- LAN, 10.25.25.1 /24

- LAN2, 192.168.33.1 /24

- pfsense has an outbound NAT for 10.25.25.0 /24 (from the cisco switch CLI, I can ping google.com, 8.8.8.8, etc...)

- Static route on pfsense to 10.25.25.254 /24 network, using 10.25.25.254 as the gateway.

 

cisco 2960 switch

- VLAN 1, 10.25.25.254 /24

- VLAN 100, 10.1.100.1 /24

- VLAN 200, 10.1.200.1 /24

- Static route on cisco switch, 0.0.0.0 0.0.0.0 10.25.25.1

 

---EDIT---

pfsense and cisco switch are connected using LAN port on pfsense (dedicated port, nothing else on LAN on pfsense) and interface 48 on the cisco switch (which is currently only on VLAN 1).

---EDIT---

 

Right now VLAN 200 isn't doing anything on the cisco switch, I want to get VLAN 100 working, first, then I'll deal with VLAN 200. Most likely I'll mirror what was done for VLAN 100.

 

Interface gi1/0/37 is on VLAN 100, it is configured as an access port. I have a laptop plugged into interface 37. DHCP is also configured on the cisco for VLAN 100, the laptop grabs a 10.1.100.100 IP address.

 

From a PC on LAN2 on the pfsense side (192.168.33.122) I can ping 10.25.25.1, 10.25.25.254, 10.1.100.1, 10.1.100.100. So far so good. 

 

From the laptop on VLAN 100 plugged into interface 37, I can't ping 8.8.8.8, 10.25.25.1, 192.168.33.122. I am able to ping 10.1.100.1 and 10.25.25.254.

 

I feel like I am missing something very obvious, but I can't figure out what that is. Any help is appreciated.

 

Thanks.

Labels:
0 Helpful
15 Replies 15

Go to solution
paul driver
VIP
VIP
In response to cisco-newb

‎12-20-2019 03:08 PM

Hello 

glad to hear its now sorted, please mark the post as solved if your happy with the solution,


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card