Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
12326
Views
5
Helpful
61
Replies

Inter VLAN routing: Can ping default VLAN IP from other VLAN's but no further. Default VLAN IP not forwarding the request?

Go to solution
Tom
Level 1
Level 1

‎12-02-2019 11:28 AM - edited ‎12-02-2019 12:14 PM

Hi All,

 

Please bear with me as I'm new to this and relatively new to Networking at this level.

I'm trying to set up inter VLAN routing.  Following this post:

https://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3-intervlanrouting.html

I've configured everything I could (or perhaps almost everything except for 6) Configure the interface to the default router.  part. ).  This is an older Cisco 3750G switch:  

 

VLAN1 192.168.0 (IP 192.168.0.3, Secondary 192.168.0.4)
VLAN2 10.0.0.0 ( IP 10.0.0.1 )
VLAN3 10.1.0.0 ( IP 10.1.0.1 )
VLAN4 10.2.0.0 ( IP 10.2.0.1 )

Now from the switch itself, I can ping all IP's without any issues.  For example, I can ping 192.168.0.100 from the switch but not from within VLAN 2 devices.  However, I can ping 192.168.0.3 and 192.168.0.4 (secondary), the switch VLAN 1 IP's from within devices on VLAN 2. 

 

Devices on VLAN2 can ping each other, the VLAN IP and even the default VLAN (Switch IP) 192.168.0.3 and 192.168.0.4  above.  But nothing beyond the two VLAN 1 IP's above.  What am I missing?  My first thought is missing trunking or a setting on VLAN1 but I'm not 100% on that nor what those commands would be.

 

Thx,

 

mdscisco01#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.0.1 to network 0.0.0.0

     10.0.0.0/24 is subnetted, 1 subnets
C       10.0.0.0 is directly connected, Vlan2
C    192.168.0.0/24 is directly connected, Vlan1
S*   0.0.0.0/0 [1/0] via 192.168.0.1
mdscisco01#

 

Labels:
0 Helpful
61 Replies 61

Go to solution
Tom
Level 1
Level 1
In response to Tom

‎12-14-2019 10:32 PM - edited ‎12-15-2019 12:16 AM

I've picked up another switch, WS-C4948-10GE (cat4500-ENTSERVICESK9-M), lying around and hooked it up to my setup.  New topology diagram attached.

 

For some reason enabling "ip routing" doesn't work.  Would you happen to know why?

 

mdscisco02#
mdscisco02#sh run | include routing
mdscisco02#conf t
Enter configuration commands, one per line.  End with CNTL/Z.
mdscisco02(config)#ip routing
mdscisco02(config)#exit
mdscisco02#sh run | include routing
mdscisco02#sh ver
Cisco IOS Software, Catalyst 4500 L3 Switch Software (cat4500-ENTSERVICESK9-M), Version 15.0(2)SG11, RELEASE SOFTWARE (fc2)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2016 by Cisco Systems, Inc.
Compiled Mon 24-Oct-16 09:48 by prod_rel_team
Image text-base: 0x10000000, data-base: 0x123AECA8

ROM: 12.2(31r)SGA7
Pod Revision 0, Force Revision 31, Gill Revision 20

mdscisco02 uptime is 7 hours, 29 minutes
System returned to ROM by power-on
System image file is "bootflash:cat4500-entservicesk9-mz.150-2.SG11.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

cisco WS-C4948-10GE (MPC8540) processor (revision 5) with 262144K bytes of memory.
Processor board ID FOX104503ZB
MPC8540 CPU at 667Mhz, Fixed Module
Last reset from PowerUp
1 Virtual Ethernet interface
48 Gigabit Ethernet interfaces
2 Ten Gigabit Ethernet interfaces
511K bytes of non-volatile configuration memory.

Configuration register is 0x2102

mdscisco02#

I'm also planning to extend VLAN 2, 3, 4, 5 from the Cisco 3750G over to this new Cisco WS-C4948-10GE, or at least see if it's possible.  This post provides an explanation and does makes some sense to me but wanted to tap your experience here first before I dive in and try anything.  

 

A third question that I have is how do I prevent clients on VLAN 5 from accessing any other VLAN?

 

Thx,
TK

Preview file
66 KB
0 Helpful

Go to solution
Tom
Level 1
Level 1
In response to Tom

‎12-15-2019 11:47 PM

Nm.  Completed all three:

 

  1. Can't enable ip routing or ip routing isn't showing up when executed from conf t (global config).  Need fix. ( DONE: Fixed, C4948 has this automatically enabled. no ip routing will show up however since a default is being changed. )

  2. Span VLAN's across multiple switches.  ( DONE:  Created a Trunk linking the two switches and allowing all VLAN's to be configured on it.   Used one GigE int 1/0/1. )

  3. Link two switches together via LACP / EtherChannel. ( DONE: Port 1-4 of both switches configured as LACP + Trunk)

 

 

Thx,
TK

0 Helpful
Customers Also Viewed These Support Documents