Solved: How to route from a vlan to a switch device ip?

socketwiz · ‎01-13-2021

Noob here, I don't have a CCNA certification, I'm just a home user trying to learn more about networking and make my home network more robust and safer so please bear with me. Here is my configuration:

Router

device/gateway IP: 10.0.1.1

That connects to:

Cisco C9200L-24T-4G layer 3 switch

device IP: 10.0.1.2

And connected to that is a:

Cisco Catalyst 1000-8T-2G-L layer 2 switch

device IP: 10.0.1.3

On the layer 3 switch I've created several VLANS:

vlan1: 10.0.10.1/24

vlan2: 10.0.20.1/24

vlan3: 10.0.30.1/24

...

vlan1 is what I'm calling my "main" vlan because that is the one I have my PC connected up to and I would like to be able to manage all of the switches from that machine. So that machine has a 10.0.10.x address and all of the devices have a 10.0.1.x address. I can access all of the vlans, I can access 10.0.1.1 and 10.0.1.2 (and I'm not sure what I did to be able to do that) but for some reason I am not able to access 10.0.1.3.

I have the following routes:

S*    0.0.0.0/0 [1/0] via 10.0.1.1
      10.0.0.0/8 is variably subnetted, 14 subnets, 2 masks
C        10.0.1.0/24 is directly connected, GigabitEthernet1/0/24
L        10.0.1.2/32 is directly connected, GigabitEthernet1/0/24
C        10.0.10.0/24 is directly connected, Vlan1
L        10.0.10.1/32 is directly connected, Vlan1
C        10.0.20.0/24 is directly connected, Vlan2
L        10.0.20.1/32 is directly connected, Vlan2
C        10.0.30.0/24 is directly connected, Vlan3
L        10.0.30.1/32 is directly connected, Vlan3
C        10.0.40.0/24 is directly connected, Vlan4
L        10.0.40.1/32 is directly connected, Vlan4
C        10.0.50.0/24 is directly connected, Vlan5
L        10.0.50.1/32 is directly connected, Vlan5
C        10.0.60.0/24 is directly connected, Vlan6
L        10.0.60.1/32 is directly connected, Vlan6

And my interfaces

Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  10.0.10.1       YES manual up                    up      
Vlan2                  10.0.20.1       YES TFTP   up                    up      
Vlan3                  10.0.30.1       YES TFTP   up                    up      
Vlan4                  10.0.40.1       YES TFTP   up                    up      
Vlan5                  10.0.50.1       YES TFTP   up                    up      
Vlan6                  10.0.60.1       YES manual up                    up      
GigabitEthernet0/0     10.0.2.1        YES TFTP   down                  down 
GigabitEthernet1/0/1   unassigned      YES unset  up                    up   
...
GigabitEthernet1/0/24  10.0.1.2        YES manual up                    up      
...

The layer 2 switch with the IP I can't access, 10.0.1.3, is connected to the layer 3 switch through interface GigabitEthernet1/0/1 with the following configuration

GigabitEthernet1/0/1 is up, line protocol is up (connected) 
  Hardware is Gigabit Ethernet, address is 7cad.4f71.a601 (bia 7cad.4f71.a601)
  Description: Family room
  MTU 1500 bytes, BW 1000000 Kbit/sec, DLY 10 usec, 
     reliability 255/255, txload 1/255, rxload 1/255
  Encapsulation ARPA, loopback not set
  Keepalive set (10 sec)
  Full-duplex, 1000Mb/s, media type is 10/100/1000BaseTX
  input flow-control is on, output flow-control is unsupported 
  ARP type: ARPA, ARP Timeout 04:00:00
  Last input 00:00:00, output 00:00:01, output hang never
  Last clearing of "show interface" counters never
  Input queue: 0/2000/0/0 (size/max/drops/flushes); Total output drops: 0
  Queueing strategy: fifo
  Output queue: 0/40 (size/max)
  5 minute input rate 3000 bits/sec, 5 packets/sec
  5 minute output rate 4000 bits/sec, 4 packets/sec
     1358502 packets input, 163235154 bytes, 0 no buffer
     Received 388157 broadcasts (365897 multicasts)
     0 runts, 0 giants, 0 throttles 
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored
     0 watchdog, 365897 multicast, 0 pause input
     0 input packets with dribble condition detected
     8036429 packets output, 10661411498 bytes, 0 underruns
     Output 187007 broadcasts (0 multicasts)
     0 output errors, 0 collisions, 2 interface resets
     2 unknown protocol drops
     0 babbles, 0 late collision, 0 deferred
     0 lost carrier, 0 no carrier, 0 pause output
     0 output buffer failures, 0 output buffers swapped out

Now just to be clear, that switch is working perfectly. I have some vlans configured on various ports and such they can access the Internet, etc... I just can't manage the switch from my PC on vlan 1. That is all the information I can think of to provide, any ideas? If you need more information let me know. Any idea how I can access that switch 10.0.1.3 from my PC on vlan 1 with address 10.0.10.x? I feel like I might need a static route but I've tried several variations without success. I've also tried several variations of ACL but that doesn't seem like the right path, and I couldn't get it to work either. Thank you in advance for any help you can provide.

Georg Pauwen · ‎01-13-2021

Hello,

make sure the layer 2 switch has:

ip default-gateway 10.0.10.2

configured. You cannot use the 10.0.1.0/24 network on the switch, since that is already used for the connection between the router and the switch.

So the layer 2 switch should look like this:

interface Vlan 1

ip address 10.0.10.2 255.255.255.0

!

ip default-gateway 10.0.10.1

View solution in original post

Georg Pauwen · ‎01-13-2021

Hello,

make sure the layer 2 switch has:

ip default-gateway 10.0.10.2

configured. You cannot use the 10.0.1.0/24 network on the switch, since that is already used for the connection between the router and the switch.

So the layer 2 switch should look like this:

interface Vlan 1

ip address 10.0.10.2 255.255.255.0

!

ip default-gateway 10.0.10.1

socketwiz · ‎01-14-2021

Thank you so much, I was able to get it working with your instructions!

paul driver · ‎01-14-2021

Hello
A little design tweek would enable you have reachability-

1) Create an addtional L3 vlan x for managment 10.0.1.0/24 on the l3 switch
2) Assign ports router <vlan x> l3switch< trunk>l2 switch
3) Give the L2 switch default-gateway of vlan x

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul