07-20-2021 04:28 AM
issue with vlans and routing...
Cisco isr 921 - IOS C900 software v15.8(3)m2
Simple config
Gig0 is trunked and plugged into ethernet switch (no ip)
Vlan1 192.168.2.4 /24
Vlan400 192.168.1.1 /24
ip routing enabled
DG 0.0.0.0 0.0.0.0 192.168.2.253
Router can ping both vlans
extended ping from vlan400 to 192.168.2.253 fails
laptop on network with IP 192.168.1.2 cannot ping vlan400
the command "sh vlan 400" does not work
sh vlans returns "no vlans configured"
Sh int vlan 400 shows vlan up and up
see config below...
what am i missing please?
Thank you.
Solved! Go to Solution.
07-21-2021 05:53 AM
Thanks for all responses - figured out issue - had to get my head into routing mode and figure it out...
default gateway was number one. on the 192.168.2.0 network, the DG is the Sonicwall and there is no route back to 192.168.1.0 network so that makes sense. With a PC on the 2.0 network and DG of the Cisco - accessing the VLAN 400 works.
As far as the PC on the same network with a 1.0 address, the switch was the issue. It was a test switch and already had VLAN 400 programming that did not match my little test environment. Changed switch and all is good.
Thank you again for the responses, very much appreciated.
07-20-2021 05:06 AM
If you are not doing NAT in this device
you need static route required in this device who holding this IP 192.168.2.253 ( what device is this ?)
belowexampl like (cisco syntax)
ip route 192.168.1.0 255.255.255.0 192.168.2.4 ( your router IP)
other way to work for NAT let me know if you like to go that route to give sample config.
07-20-2021 06:14 AM
thank you for reply. No NAT needed - this is all internal. I did add that route but did not help and will try again.
192.168.2.253 is a sonicwall firewall to Internet. I do need to put a route in there for the 192.168.1.1 network too. But when i connected a laptop to the network in the 192.168.1.0 network with the Cisco 921 as the default GW, i assumed i should be able to ping the vlan400 interface. (Since i'm just testing at this point not trying to get to internet from laptop on the 192.168.1.0 network yet)
When this router goes into production, Gig5 will connect to a MetroE and GIg6 will connect to an Internet router for a backup link configured via VPN tunnel to another Cisco 921. Right not in my office building a basic config for testing.
Onsite, the client has Cisco SG300 switches running Cisco VOIP (vlan400) and LAN (vlan1) plus will break out another VLAN for WIFI. So we are building a basic config to test and will fully configure before going onsite with client IP's etc.
please advise and thank you again!
07-20-2021 06:39 AM
Ok Can you make small diagram how these connected.
I as in impression that you connected PC to Router and testing
i was expecting PC have IP address 192.168.1.X /24 gateway 192.168.1.1 - this time you should be able ping.
other than Gi0 most of the interface are down in the config? what interface is the PC connected ?
07-20-2021 06:42 AM
Hello,
you might need to manually create the Vlans:
Router1#conf t
Router1(config)#vlan 400
07-21-2021 05:53 AM
Thanks for all responses - figured out issue - had to get my head into routing mode and figure it out...
default gateway was number one. on the 192.168.2.0 network, the DG is the Sonicwall and there is no route back to 192.168.1.0 network so that makes sense. With a PC on the 2.0 network and DG of the Cisco - accessing the VLAN 400 works.
As far as the PC on the same network with a 1.0 address, the switch was the issue. It was a test switch and already had VLAN 400 programming that did not match my little test environment. Changed switch and all is good.
Thank you again for the responses, very much appreciated.
07-21-2021 07:14 AM
Glad to know all working , thank you for the feedback.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide