01-13-2021 03:54 PM
Noob here, I don't have a CCNA certification, I'm just a home user trying to learn more about networking and make my home network more robust and safer so please bear with me. Here is my configuration:
Router
device/gateway IP: 10.0.1.1
That connects to:
Cisco C9200L-24T-4G layer 3 switch
device IP: 10.0.1.2
And connected to that is a:
Cisco Catalyst 1000-8T-2G-L layer 2 switch
device IP: 10.0.1.3
On the layer 3 switch I've created several VLANS:
vlan1: 10.0.10.1/24
vlan2: 10.0.20.1/24
vlan3: 10.0.30.1/24
...
vlan1 is what I'm calling my "main" vlan because that is the one I have my PC connected up to and I would like to be able to manage all of the switches from that machine. So that machine has a 10.0.10.x address and all of the devices have a 10.0.1.x address. I can access all of the vlans, I can access 10.0.1.1 and 10.0.1.2 (and I'm not sure what I did to be able to do that) but for some reason I am not able to access 10.0.1.3.
I have the following routes:
S* 0.0.0.0/0 [1/0] via 10.0.1.1 10.0.0.0/8 is variably subnetted, 14 subnets, 2 masks C 10.0.1.0/24 is directly connected, GigabitEthernet1/0/24 L 10.0.1.2/32 is directly connected, GigabitEthernet1/0/24 C 10.0.10.0/24 is directly connected, Vlan1 L 10.0.10.1/32 is directly connected, Vlan1 C 10.0.20.0/24 is directly connected, Vlan2 L 10.0.20.1/32 is directly connected, Vlan2 C 10.0.30.0/24 is directly connected, Vlan3 L 10.0.30.1/32 is directly connected, Vlan3 C 10.0.40.0/24 is directly connected, Vlan4 L 10.0.40.1/32 is directly connected, Vlan4 C 10.0.50.0/24 is directly connected, Vlan5 L 10.0.50.1/32 is directly connected, Vlan5 C 10.0.60.0/24 is directly connected, Vlan6 L 10.0.60.1/32 is directly connected, Vlan6
And my interfaces
Interface IP-Address OK? Method Status Protocol Vlan1 10.0.10.1 YES manual up up Vlan2 10.0.20.1 YES TFTP up up Vlan3 10.0.30.1 YES TFTP up up Vlan4 10.0.40.1 YES TFTP up up Vlan5 10.0.50.1 YES TFTP up up Vlan6 10.0.60.1 YES manual up up GigabitEthernet0/0 10.0.2.1 YES TFTP down down
GigabitEthernet1/0/1 unassigned YES unset up up ... GigabitEthernet1/0/24 10.0.1.2 YES manual up up ...
The layer 2 switch with the IP I can't access, 10.0.1.3, is connected to the layer 3 switch through interface GigabitEthernet1/0/1 with the following configuration
GigabitEthernet1/0/1 is up, line protocol is up (connected) Hardware is Gigabit Ethernet, address is 7cad.4f71.a601 (bia 7cad.4f71.a601) Description: Family room MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, reliability 255/255, txload 1/255, rxload 1/255 Encapsulation ARPA, loopback not set Keepalive set (10 sec) Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX input flow-control is on, output flow-control is unsupported ARP type: ARPA, ARP Timeout 04:00:00 Last input 00:00:00, output 00:00:01, output hang never Last clearing of "show interface" counters never Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0 Queueing strategy: fifo Output queue: 0/40 (size/max) 5 minute input rate 3000 bits/sec, 5 packets/sec 5 minute output rate 4000 bits/sec, 4 packets/sec 1358502 packets input, 163235154 bytes, 0 no buffer Received 388157 broadcasts (365897 multicasts) 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored 0 watchdog, 365897 multicast, 0 pause input 0 input packets with dribble condition detected 8036429 packets output, 10661411498 bytes, 0 underruns Output 187007 broadcasts (0 multicasts) 0 output errors, 0 collisions, 2 interface resets 2 unknown protocol drops 0 babbles, 0 late collision, 0 deferred 0 lost carrier, 0 no carrier, 0 pause output 0 output buffer failures, 0 output buffers swapped out
Now just to be clear, that switch is working perfectly. I have some vlans configured on various ports and such they can access the Internet, etc... I just can't manage the switch from my PC on vlan 1. That is all the information I can think of to provide, any ideas? If you need more information let me know. Any idea how I can access that switch 10.0.1.3 from my PC on vlan 1 with address 10.0.10.x? I feel like I might need a static route but I've tried several variations without success. I've also tried several variations of ACL but that doesn't seem like the right path, and I couldn't get it to work either. Thank you in advance for any help you can provide.
Solved! Go to Solution.
01-13-2021 10:13 PM - edited 01-13-2021 11:10 PM
Hello,
make sure the layer 2 switch has:
ip default-gateway 10.0.10.2
configured. You cannot use the 10.0.1.0/24 network on the switch, since that is already used for the connection between the router and the switch.
So the layer 2 switch should look like this:
interface Vlan 1
ip address 10.0.10.2 255.255.255.0
!
ip default-gateway 10.0.10.1
01-13-2021 10:13 PM - edited 01-13-2021 11:10 PM
Hello,
make sure the layer 2 switch has:
ip default-gateway 10.0.10.2
configured. You cannot use the 10.0.1.0/24 network on the switch, since that is already used for the connection between the router and the switch.
So the layer 2 switch should look like this:
interface Vlan 1
ip address 10.0.10.2 255.255.255.0
!
ip default-gateway 10.0.10.1
01-14-2021 03:14 PM
Thank you so much, I was able to get it working with your instructions!
01-14-2021 01:28 AM - edited 01-14-2021 01:29 AM
Hello
A little design tweek would enable you have reachability-
1) Create an addtional L3 vlan x for managment 10.0.1.0/24 on the l3 switch
2) Assign ports router <vlan x> l3switch< trunk>l2 switch
3) Give the L2 switch default-gateway of vlan x
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide