Re: Error creating default route on 3750 POE : "Invalid next hop address"

isagarran · ‎11-02-2018

Catalyst 3750 series PoE-48

Cisco IOS Software, C3750 Software (C3750-IPBASEK9-M), Version 12.2(53)SE2, RELEASE SOFTWARE (fc3)
ROM: Bootstrap program is C3750 boot loader
BOOTLDR: C3750 Boot Loader (C3750-HBOOT-M) Version 12.2(44)SE5, RELEASE SOFTWARE (fc1)
System image file is "flash:c3750-ipbasek9-mz.122-53.SE2/c3750-ipbasek9-mz.122-53.SE2.bin"

Hello,

I'm trying to configure the router and I got a problem.

I've a firewall behind a freebox router(192.168.0.x/24). All devices have a gateway IP address set to 192.168.1.9 which is the IP address of the firewall.

I would like to define multiple VLANs on the CISCO switch behind.

Configuration targeted is :

Vlan Id     IP Network            Name                   Additional info              IP address

Vlan 2    192.168.1.0/24      Data-VLAN         Servers, Workstations   192.168.1.9
Vlan 3    192.168.3.0/24      Voice-Vlan          CUCM, IP Phones        192.168.3.9
Vlan 4    192.168.4.0/24      IP-cameras IP     Camera Network          192.168.4.9
Vlan 5    192.168.5.0/24      Mgmt-Wifi           WLC, Access Points    192.168.5.9
Vlan 6    192.168.6.0/24      Guest-VLAN        Guest Wifi VLAN          192.168.6.9

I defined each VLAN and IP address, I set the swich in routing mode. I checked using

show ip interface brief
Interface    IP-Address        OK?     Method    Status    Protocol
Vlan1        10.0.0.3           YES        other         up         up 
Vlan2        192.168.1.9     YES        manual      up         down 
Vlan3        192.168.3.9     YES        manual      up         down 
Vlan4        192.168.4.9     YES       manual       up         down 
Vlan5        192.168.5.9     YES       manual       up         down 
Vlan6        192.168.6.9     YES       manual       up         down 
FastEthernet 1/0/1 unassigned YES unset        down    down

I ran the command before setting the route

show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/24 is subnetted, 1 subnets
C     10.0.0.0      is directly connected,        Vlan1

Then finally I tried and failed to set the route

ip route 0.0.0.0 0.0.0.0 192.168.1.9
%Invalid next hop address (it's this router)

Could you help me and tell me where I'm wrong ?

Regards,

Isagarran

Georg Pauwen · ‎11-02-2018

The routes are not showing up in your routing table because the VLAN interfaces are down. Either way, the next hop for the default route needs to be an IP address NOT configured locally on the 3750.

Can you post the full config of the 3750 ? Do you have 'ip routing' enabled globally ?

isagarran · ‎11-02-2018

Hello

Thanks for the reply. I think I did it globally.

I ran the "show running-config" command.

Regards.

Isagarran

Georg Pauwen · ‎11-02-2018

Hello,

ip routing is enabled, so that is fine.

Your VLAN interfaces are down because none of the ports are assigned to any of the VLANs. In order to see the VLAN routes in the routing table (show ip route) you need to assign them to ports, e.g.:

interface FastEthernet1/0/2
switchport mode access
switchport access vlan 2
spanning-tree portfast
!
interface FastEthernet1/0/3
switchport mode access
switchport access vlan 3
spanning-tree portfast
!
interface FastEthernet1/0/4
switchport mode access
switchport access vlan 4
spanning-tree portfast
!
interface FastEthernet1/0/5
switchport mode access
switchport access vlan 5
spanning-tree portfast
!
interface FastEthernet1/0/6
switchport mode access
switchport access vlan 6
spanning-tree portfast

Either way, as stated, you cannot use any of the local IP addresses as the next hop.

Steven Case, MBA-ITM · ‎11-02-2018

Well, the error is unavoidable (without using VRF) because the fact is the route is on that router.

When an IP address is on the device, the device already knows how to get there - it is in fact the destination. So, telling a router (ip route) to route certain traffic (0.0.0.0 0.0.0.0) to itself (in this case, 192.168.1.9) would be the same as saying, "Hey, if you don't know where to go, then go to yourself to find out where to go."

This is a loop.

So,w hat are you actually trying to overcome here? There is likely another solution.

Deepak Kumar · ‎11-02-2018

Hi,

As I am getting your question, you are trying to configure default router on the Cisco Switch and as per configuration you have attached VLAN2 is also having the same IP on the switch:

interface Vlan2
 ip address 192.168.1.9 255.255.255.0

So the switch will not allow to you.

In this case, your default route will be as

ip route 0.0.0.0 0.0.0.0 <firewall IP/Next hope IP Address>

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

isagarran · ‎11-03-2018

Hello,

Thanks for all your replies. It helps me to clarify and better understand.

I attached the configuration ( as an image) I tend to have. I didn't represent the Freebox in front of that but it is. My CISCO Firewall has a LAN IP 192.168.1.9.

You were right, I did a mistake and VLAN 2 was wrong so I corrected it.

so now I have

show ip interface brief

Interface        IP-Address    OK? Method   Status Protocol
Vlan1           10.0.0.3       YES other    up      up 
Vlan2           192.168.2.9    YES manual   up      down 
Vlan3           192.168.3.9    YES manual   up      down 
Vlan4           192.168.4.9    YES manual   up      down 
Vlan5           192.168.5.9    YES manual   up      down 
Vlan6           192.168.6.9    YES manual   up      down 
FastEthernet1/0/1 unassigned   YES unset    up      up 
FastEthernet1/0/2 unassigned   YES unset    down    down

IP route command ran succesfully

Switch(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.9
Switch(config)#end

But when i tried to see the route, I didn't see it. I ran the commands you gave me in order to assign all interfaces to the VLAN.

I didn't set "fastport" parameter to some interfaces I plan to connect to firewall or Wifi access devices.

I attached my last configuration.

Thanks for your help. I appreciated.

Isagarran

isagarran · ‎11-03-2018

Hello

I forgot to add the show Ip route

show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.0.0.0 is directly connected, Vlan1

Here it is.

thanks

Isagarran

Deepak Kumar · ‎11-03-2018

HI,

Becuase there is no subnet on your switch with 192.168.1.0/?

If you have Point to point l3 link then make one L3 interface make one more VLAN with the subnet.

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

isagarran · ‎11-03-2018

Hello

I created (in fact I changed VLAN 2 configuration) but now i'm lost. I've no clues on where's my problem.

configure terminal
Switch(config-if)#interface Vlan2
Switch(config-if)#ip address 192.168.1.254 255.255.255.0
Switch(config-if)#no shutdown
Switch(config-if)#end

I set the route and I checked if it exist. Alas it doesn't !

Switch(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.9
Switch(config)#end
Switch#show ip route     
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

     10.0.0.0/24 is subnetted, 1 subnets
C       10.0.0.0 is directly connected, Vlan1

I checked my configuration is well done

show ip interface brief

Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  10.0.0.3        YES other  up                    up      
Vlan2                  192.168.1.254   YES manual up                    down    
Vlan3                  192.168.3.9     YES manual up                    down    
Vlan4                  192.168.4.9     YES manual up                    down    
Vlan5                  192.168.5.9     YES manual up                    down    
Vlan6                  192.168.6.9     YES manual up                    down    
FastEthernet1/0/1      unassigned      YES unset  up                    up     
.....
...
GigabitEthernet1/0/3   unassigned      YES unset  down                  down    
GigabitEthernet1/0/4   unassigned      YES unset  down                  down    
Loopback1              unassigned      YES unset  up                    up

So it seems it is OK. but the route isn't.

I attach my last configuration.

If you have some ideas to share, let me know.

Regards.

Isagarran

Georg Pauwen · ‎11-03-2018

Hello,

--> Vlan2 192.168.1.254 YES manual up down

That is why you don't see the route. You need to assign a port to the Vlan, and connect something to that port so that it is up/up.

isagarran · ‎11-04-2018

Hello

I lost the configuration. I recreated it but I did a wrong configuration (port defined to connect the firewall was wronly defined). The VLAN management 1 had 10.0.0.1 address and I didn't modify it. Now when I tried to enter in Express mode, the led blinks. As I understood, it is expected. But I'm no longer able to connect to the switch to reconfigure it.

I've to reinitialize it and reconfigure it correctly.

I think this "Invalid next hop address" subject can be closed.

Thanks for your help,

Isagarran

Deepak Kumar · ‎11-04-2018

Hi,

I am not sure what is your meaning with "Reconfigure". Has did factory reset to the switch?

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!

isagarran · ‎11-05-2018

Hello,

Yes . As I'm unable to join the switch in order to configure correct IP address, I'll have to reset the switch and configure all rules again.

I let one interface on VLAN 1 and I didn't modify the IP address.

interface FastEthernet1/0/1
...
...
interface Vlan1
 ip address 10.0.0.1 255.255.255.0 secondary
 ip address 10.0.0.3 255.255.255.0

But since I ran the command "copy run start", the switch reboated (I didn't do the reload command)

then I do no longer able to connect on 10.0.0.1. So reset seems to be the only issue.

Isagarran

Deepak Kumar · ‎11-03-2018

Hi,

VLAN 2 protocol is showing down means it is not assigned to any interface or assigned interface is down.

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!