04-29-2020 10:51 AM - edited 04-29-2020 12:39 PM
Hello,
Im still less than 6 months into my first networking job, please pardon me if this one seems trivial... All of our computers use 192.168.2.x as the default gateway but I created a virtual machine with the ip address 10.92.110.5 it is meant to be on VLAN 110 so I added vlan 110 in all the switches leading to the default gateway switch. I assigned the VM a default gateway of 10.92.110.1 which is located on one of the interfaces of the firewall. I cannot ping the closest switch, the firewall, nothing. I also tried making the closest switch the default gateway (2.16) but that didnt work either, I am lost on this one. I included a screenshot of our current topology.
04-29-2020 11:09 AM
So, you cannot ping the default gateway of the new VLAN?
Verify that the VLAN is active on each switch using this command:
show int vlan 110
If any come back with an error, that VLAN isn't active. Simply go into the interface to activate it:
conf t
int vlan 110
end
Make sure the VLAN is permitted across each trunk (also - make sure each switch is connected to each other via a trunk line... has to be a trunk to allow multiple VLAN across). Issue this command, located the VLANs allowed section and make sure VLAN110 is listed as allowed:
show int trunk
If the trunk is not allowing the VLAN, then go into the interface for the trunk and issue the command (exactly like this! You can mess things up if you leave off a word...)
switchport trunk allowed vlan add 110
Let me know what you come up with.
04-29-2020 12:32 PM
Hello thanks for the reply.
On my default gateway switch vlan 110 interface is like this:
interface Vlan110
description DMZ
no ip address
The trunk Admin 1 to Admin 2 is like this:
interface GigabitEthernet0/45
description 2014-TRUNK-TO-ADMIN-2
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport mode trunk
duplex full
channel-group 2 mode on
spanning-tree portfast
!
interface GigabitEthernet0/46
description 2014-TRUNK-TO-ADMIN-2
switchport trunk encapsulation dot1q
switchport trunk native vlan 2
switchport mode trunk
channel-group 2 mode on
Do I need to add an allowed vlan 110 to this channel group? If so, can it be done without bringing down the network? I have had that happen to me not too long ago...
The trunk Admin 2 to Admin 3, this is an HP switch:
Port | Name Type | Group Type
---- + -------------------------------- --------- + ----- --------
37 | 100/1000T | Trk3 LACP
38 | 100/1000T | Trk3 LACP
39 | 100/1000T | Trk3 LACP
vlan 110
name "DMZ"
tagged Trk1,Trk3
no ip address
exit
Admin 3
vlan 110
name "DMZ"
tagged Trk1-Trk3
no ip address
exit
04-29-2020 03:08 PM
Hello
on the cisco
int port-channel 2
switchport trunk allowed vlan add 110
on the hp
vlan 110 untagged trk3
04-29-2020 03:16 PM
Thanks for your reply. I am curious why 110 would need to be allowed on this port channel group on the cisco? I have other vlans going through that channel group but the command to allow them is not in the configuration, yet there are no issues concerning those vlans.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide