Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1087
Views
0
Helpful
7
Replies

Inner VLAN Routing problem

Go to solution
logianto
Level 1
Level 1

‎04-12-2020 07:11 AM

Hello,in our company, we purchased 2 cisco 3750x and decided to make the core of the network out of them. I created several VLANs, and I had difficulties in configuring routing between them, namely computers in one VLAN do not ping computers in another, and also it cannot access the Internet (gateway kerio control). Here is my config 3750 and 2960 in which users are connected. I would be eternally grateful for any help.

3750 stack :

Current configuration : 10883 bytes
!
! Last configuration change at 05:41:21 UTC Mon Jan 2 2006 by admin
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname core01


boot-start-marker
boot-end-marker
!
!

!

no aaa new-model
switch 1 provision ws-c3750x-48
switch 2 provision ws-c3750x-48
system mtu routing 1500
!
!
!
!
ip routing
!
!
!
no ip domain-lookup
ip name-server 192.168.1.5
ip name-server 192.168.0.22
ip name-server 8.8.8.8

 

!spanning-tree mode pvst
spanning-tree extend system-id
no spanning-tree vlan 1
!
!
!
!
vlan internal allocation policy ascending
!
!
!


!
interface FastEthernet0
no ip address
no ip route-cache
shutdown
!
interface GigabitEthernet1/0/1
no switchport
ip address 192.168.1.254 255.255.255.0
ip pim sparse-dense-mode
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/38
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/39
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/40
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/41
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/42
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/43
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/44
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/45
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/46
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/47
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/0/48
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4

!
interface TenGigabitEthernet1/1/1
!
interface TenGigabitEthernet1/1/2
!
i


interface Vlan1
no ip address
!
interface Vlan99
ip address 192.168.99.254 255.255.255.0
ip helper-address 192.168.1.5
ip pim sparse-dense-mode
!
interface Vlan100
ip address 192.168.100.254 255.255.255.0
ip helper-address 192.168.1.5
ip pim sparse-dense-mode
!
interface Vlan101
ip address 192.168.101.254 255.255.255.0
ip helper-address 192.168.1.5
ip pim sparse-dense-mode
!
interface Vlan102
ip address 192.168.102.254 255.255.255.0
ip helper-address 192.168.1.5
ip pim sparse-dense-mode
!
interface Vlan103
ip address 192.168.103.254 255.255.255.0
ip helper-address 192.168.1.5
ip pim sparse-dense-mode
!
interface Vlan104
ip address 192.168.104.254 255.255.255.0
ip helper-address 192.168.1.5
ip pim sparse-dense-mode
!
interface Vlan105
ip address 192.168.105.254 255.255.255.0
ip helper-address 192.168.1.5
ip pim sparse-dense-mode
!
!
router eigrp 100
!
!!
ip default-gateway 192.168.1.10
ip forward-protocol nd
!
ip http server
ip http authentication local
ip http secure-server
!
ip route 0.0.0.0 0.0.0.0 192.168.1.10
!
!
ip sla enable reaction-alerts

 

2960:

Current configuration : 7769 bytes
!
! Last configuration change at 06:32:57 UTC Mon Jan 2 2006
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname 2960-99.4
!
boot-start-marker
boot-end-marker
!

no aaa new-model
switch 1 provision ws-c2960s-48ts-l
switch 3 provision ws-c2960s-48lps-l
!
!
!
!
!
!
!
!
!

!
!

!
spanning-tree mode pvst
spanning-tree extend system-id
no spanning-tree vlan 1
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
interface FastEthernet0
no ip address
shutdown
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
switchport access vlan 104
switchport mode access
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
switchport access vlan 104
switchport mode access
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
!
interface GigabitEthernet1/0/48
!
interface GigabitEthernet1/0/49
switchport trunk native vlan 99
switchport trunk allowed vlan 1,99-105
switchport mode trunk
!
interface GigabitEthernet1/0/50
!
interface GigabitEthernet1/0/51
!
interface GigabitEthernet1/0/52
!
i
interface Vlan1
no ip address
!
interface Vlan99
ip address 192.168.99.4 255.255.255.0
ip helper-address 192.168.1.5
!
ip default-gateway 192.168.99.254
ip http server
ip http authentication local
ip http secure-server

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
logianto
Level 1
Level 1
In response to Richard Burts

‎04-19-2020 08:30 PM

Sorry fo late answer, problem was on Windows Firewall, then i turned it off, everything work fine

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Georg Pauwen
VIP
VIP

‎04-12-2020 07:54 AM

Hello,

 

in your original post you said you had two 3750s. How are the 3750s and the 2960 connected ? Provide a schematic drawing showing how the devices are connected, and through which interfaces...

0 Helpful

Go to solution
logianto
Level 1
Level 1
In response to Georg Pauwen

‎04-12-2020 08:02 AM - edited ‎04-12-2020 08:14 AM

 
 
Interface GigabitEthernet1/0/1 Cisco 3750 connect to kerio control (192.168.1.10)
nterface GigabitEthernet1/0/1
no switchport
ip address 192.168.1.254 255.255.255.0
ip pim sparse-dense-mode
 
cisco 3750 interface GigabitEthernet1/0/37-48 trunk port
interface GigabitEthernet1/0/37
switchport trunk allowed vlan 1,99-105
switchport trunk encapsulation dot1q
switchport trunk native vlan 99
switchport mode trunk
 
interface Vlan99
ip address 192.168.99.254 255.255.255.0
ip helper-address 192.168.1.5
ip pim sparse-dense-mode
 
connect to cisco 2960 in sfp module in interface GigabitEthernet1/0/49
interface GigabitEthernet1/0/49
switchport trunk native vlan 99
switchport trunk allowed vlan 1,99-105
switchport mode trunk
VLAN 99 
interface Vlan99
ip address 192.168.99.4 255.255.255.0
ip helper-address 192.168.1.5
!
 
 
0 Helpful

Go to solution
kapydan88
Level 4
Level 4

‎04-12-2020 11:20 AM

router eigrp 100 <-

 

it looks, like you didnt add any network in your eigrp.

 

router eigrp 100

network 192.168.100.0 0.0.0.255

network 192.168.101.0 0.0.0.255

network 192.168.102.0 0.0.0.255

network 192.168.103.0 0.0.0.255 etc

 

and try to draw connection and network diagram

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to kapydan88

‎04-12-2020 12:26 PM

I agree that if we knew more about this environment that we would be able to give better advice. Based on the posted configs here are some of the things that I notice:

- on the 3750 all of the access ports are in vlan 1. In the 2960 most of the access ports are in vlan 1 with a couple of access ports in vlan 104. But there is no vlan interface for vlan 1 and so no IP address for vlan 1. So the access ports in vlan 1 will not have IP connectivity.

- the 3750 does have ip routing enabled so it can route. It has several connected subnets so it should be able to route between those subnets. It does have a default route configured. If the next hop of that static default route 192.168.1.10 is working then the 3750 can forward outbound traffic. There is not an active dynamic routing protocol. It is not clear whether the gateway at 192.168.1.10 has routes back to the connected subnets. If it does not have routes for the connected subnets then this is the reason why nothing can get outside access.

- the 3750 configures vlans 99 through 105. But vlan 104 is the only vlan with access ports in it. What are these other vlans?

- the 3750 has quite a few trunk ports. But we have no knowledge what they connect to.

HTH

Rick
0 Helpful

Go to solution
logianto
Level 1
Level 1
In response to Richard Burts

‎04-19-2020 08:30 PM

Sorry fo late answer, problem was on Windows Firewall, then i turned it off, everything work fine

0 Helpful

Go to solution
Richard Burts
Hall of Fame
Hall of Fame
In response to logianto

‎04-20-2020 08:11 AM

Thanks for the update letting us know that the problem was the Windows firewall. Glad to know that you got it solved.

HTH

Rick
0 Helpful

Go to solution
kapydan88
Level 4
Level 4
In response to logianto

‎04-20-2020 09:03 AM

in reality, its a very common problem that is usually forgotten about...

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card