Re: Inter-vlan routing help

Bell-ah · ‎04-29-2022

I can't ping my directly connected router from my switch and I can't figure out why. I'm just learning how to do all this stuff so please have mercy on me. This is in packet tracer btw. Here are my configs:

Switch 1:

Current configuration : 2623 bytes

!

version 15.0

no service timestamps log datetime msec

no service timestamps debug datetime msec

service password-encryption

!

hostname S1

!

enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1

!

no ip domain-lookup

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface FastEthernet0/1

switchport mode access

shutdown

!

interface FastEthernet0/2

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/3

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/4

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/5

switchport access vlan 10

switchport trunk native vlan 10

switchport mode trunk

!

interface FastEthernet0/6

switchport access vlan 10

switchport mode access

switchport port-security mac-address sticky

!

interface FastEthernet0/7

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/8

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/9

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/10

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/11

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/12

switchport access vlan 10

switchport mode access

shutdown

!

interface FastEthernet0/13

switchport access vlan 30

switchport mode access

shutdown

!

interface FastEthernet0/14

switchport access vlan 30

switchport mode access

shutdown

!

interface FastEthernet0/15

switchport access vlan 30

switchport mode access

shutdown

!

interface FastEthernet0/16

switchport access vlan 30

switchport mode access

shutdown

!

interface FastEthernet0/17

switchport access vlan 30

switchport mode access

shutdown

!

interface FastEthernet0/18

switchport access vlan 30

switchport mode access

shutdown

!

interface FastEthernet0/19

switchport mode access

shutdown

!

interface FastEthernet0/20

switchport mode access

shutdown

!

interface FastEthernet0/21

switchport mode access

shutdown

!

interface FastEthernet0/22

switchport mode access

shutdown

!

interface FastEthernet0/23

switchport mode access

shutdown

!

interface FastEthernet0/24

switchport mode access

shutdown

!

interface GigabitEthernet0/1

switchport mode access

shutdown

!

interface GigabitEthernet0/2

switchport mode access

shutdown

!

interface Vlan1

no ip address

shutdown

!

interface Vlan10

ip address 192.168.10.11 255.255.255.0

!

line con 0

logging synchronous

!

line vty 0 4

login

line vty 5 15

login

!

end

Router 1:

Current configuration : 1562 bytes

!

version 15.1

no service timestamps log datetime msec

no service timestamps debug datetime msec

service password-encryption

!

hostname R1

!

enable secret 5 $1$mERr$9cTjUIEqNGurQiFU.ZeCi1

!

ip cef

no ipv6 cef

!

license udi pid CISCO2911/K9 sn FTX1524F966-

!

no ip domain-lookup

!

spanning-tree mode pvst

!

interface Loopback0

ip address 192.168.20.1 255.255.255.0

!

interface GigabitEthernet0/0

no ip address

duplex auto

speed auto

ipv6 address FC00::1/64

!

interface GigabitEthernet0/0.10

encapsulation dot1Q 10

ip address 10.3.3.1 255.255.255.0

!

interface GigabitEthernet0/0.30

encapsulation dot1Q 30

no ip address

!

interface GigabitEthernet0/1

no ip address

duplex auto

speed auto

ipv6 address 2001:DB8:ACAD:A::/64 eui-64

!

interface GigabitEthernet0/1.10

encapsulation dot1Q 10

ip address 192.168.10.1 255.255.255.0

!

interface GigabitEthernet0/1.30

encapsulation dot1Q 30

no ip address

!

interface GigabitEthernet0/2

no ip address

duplex auto

speed auto

shutdown

!

interface Vlan1

no ip address

shutdown

!

router ospf 1

log-adjacency-changes

network 10.3.3.0 0.0.0.255 area 0

network 192.168.20.0 0.0.0.255 area 0

network 192.168.10.0 0.0.0.255 area 0

network 192.168.30.0 0.0.0.255 area 0

network 209.165.201.0 0.0.0.255 area 0

!

ip classless

!

ip flow-export version 9

!

line con 0

logging synchronous

!

line aux 0

!

line vty 0 4

password 7 0822404F1A0A

logging synchronous

login

line vty 5 15

password 7 0822404F1A0A

logging synchronous

login

!

end

Any help is much appreciated! Thank you!

Georg Pauwen · ‎04-30-2022

Hello,

on the switch, add:

ip default-gateway 192.168.10.1

Jon Marshall · ‎05-01-2022

Is the router connected to the switch on fa0/5 ?

If so you cannot make the native vlan 10 as the router is expecting to see a tag so you need to change the native vlan to just an unused one.

Jon

Martin L · ‎05-02-2022

zip your PT file and add it here;

Richard Burts · ‎05-02-2022

There are some things about this environment that we do not know and which might make some difference. For example the router to switch interface is on which interface. And which device is doing the ping to test connectivity?

The suggestion to add ip default-gateway is probably a good suggestion. But I suspect that this is not the issue - and it would really only be an issue if the switch were attempting to ping an address in a remote subnet. Which does not seem to be the case in the original post.

I believe that @Jon Marshall has correctly identified the issue. The switch config makes vlan 10 the native vlan. So frames from vlan 10 to the router will not be tagged. But the router configuration of the G0/1.10 expects frames on vlan 10 to be tagged. This mismatch would certainly make it impossible for the switch to ping the router.

The solution might be for the switch to make the native vlan something other than 10 (which is the solution suggested by Jon) or it would be for the router to identify vlan 10 as the native vlan in its interface config. Either approach should work.

HTH

Rick

Bell-ah · ‎05-02-2022

This is the actual packet tracer file itself. I'll try your suggestions out tonight, but in case anyone still wanted it here it is. Thanks for all your help!!

Martin L · ‎05-03-2022

Both PCs IP configs are not correct; What do you need to reach remote networks like this site? (hint: ipconfig /all)

if you change Native vlan from 1 to 10 on switch, you also must do this on router as well; or keep native as vlan 1; right now router's native vlan is 1 and that is on the main interface itself. Router 3 is missing ip config on .30 sub-interface;

Router to router links do not need encapsulation dot1Q usually; aka, p2p links, no trunking. Basically trunking and vlans usually stay locally, do not cross WAN links, like vlan 10 on left side is not same as vlan 10 right side; aka 2 different vlans even if u make/force them to share same subnet.

Try solve it by yourself; if u still need help, i can post my solutions later

Regards, ML
**Please Rate All Helpful Responses **

EdgarMurray8920 · ‎05-03-2022

We need the enable password for the routers and switches in order to work with the Packet Tracer file