Solved: L3 switch can't resolve fqdn

mcgiga · ‎09-24-2024

Hi,

I am setting up smart licensing on several L2 and one L3 switch. L2 is working fine, L3 not. It seem that fqdn's can't be resolved.
On L3 dns server is set up. There is a transit VLAN between L3 and the firewall.

When I specify the source in ping every VLAN can ping 1.1.1.1 and google.com. Without the source specified L3 switch uses the transit VLAN as source for ping and name resolution. That VLAN is blocked at the firewall. So only all other VLANs are allowed to reach 1.1.1.1.

How can I set on L3 switch that it should use i. e. VLAN 200 by default for ping and name resolution? In other words all L2 switches have an ip address in the management VLAN and can resolve names. L3 has an ip address in that management VLAN too but it doesn't use this VLAN for it.

Flavio Miranda · ‎09-25-2024

Considering it is using HTTP to get to Cisco, you can also specify the source

ip http client source-interface vlan200

The L3 switch will not have a source interface default, it will the IP address on interface or interface vlan that have connectivity to the gateway.

View solution in original post

Flavio Miranda · ‎09-24-2024

@mcgiga

ip domain lookup source-interface vlan200

mcgiga · ‎09-25-2024

Thanks. After setting up VRFs because of a different issue, your command worked. Ping to 1.1.1.1 and google.com works.

Registering the switch in smart licensing still fails. Which source interface does this service use by default? I guess it doesn't use VLAN200 to register it at cisco.

I tried license smart vrf VLAN_200 but it seems that smart transport doesn't use this VRF/VLAN.

Flavio Miranda · ‎09-25-2024

Considering it is using HTTP to get to Cisco, you can also specify the source

ip http client source-interface vlan200

The L3 switch will not have a source interface default, it will the IP address on interface or interface vlan that have connectivity to the gateway.

mcgiga · ‎09-25-2024

That was it, it's working Thank you very much.