01-02-2009 11:09 PM - edited 03-04-2019 03:18 AM
Hi, Happy new year to all of you!!!Hi,
I have a small issue!
While deploying a Cisco Catalyst 3560, 24 10/100/1000 port switch in the LAN I am facing some routing problems.
The switch is configured with 3 VLANs, and DHCP for the respective VLANs.
VLAN A - (Users): 10.185.34.1/24
VLAN B - (Servers and printer) 10.185.7.1/25
VLAN C - (ADSL/ 3G modem) 10.185.1.1 /25
The Internet device (a 3G modem) is configured with IP address:
10.185.1.5 / 255.255.255.0 / 0 (without any default gateway).
When the clients are connected to the respective switch ports (VLAN A) they are leased the following IP address : 10.185.34.10 / 255.255.255.0 / 10.185.34.1 (Dynamically) and are able to access the network resources like the server and the printers (in VLAN B) but not the internet.
On the contrary, if I statically configure the client's IP address and assign the following:
10.185.34.10 / 255.255.255.0 / 10.185.1.5 (Statically), the clients are able to browse the internet but not able to access the network resources.
How can I allow my clients to browse the net as well as use the network resources simultaneously?
I have defined an explicit routing 0.0.0.0 0.0.0.0 10.185.1.5
Could someone please assist in solving this issues.
Thanks a ton..
Regards
Vik
01-02-2009 11:48 PM
Hi
The users and servers should be configured with the local 3560 VLAN interface IP address as their default gateway.
If the 3G Modem is routing it will need to know how to get back to VLAN A & B.
Adding routes to the 3G device directing return traffic destined for 10.185.34.0/24 and 10.185.7.0/25 back to the 3560 (10.185.1.1) should solve the issue.
Hope this helps
Steve
01-03-2009 12:56 AM
Dear Steve,
Thanks for your responce.
I tried tto enter the routers manually before but my 3G internet modem is not allowing to enter any static routes. I am using a sony erricson 3G internet modem. It has only a web interface . Doesnot allow telent also.
We have already applied for ADSL line and then we can put a ADSL router / firewall and solve this issue. but rright now how can we get rid of this perticular situation.
Please advice.
Regards
Vikrant
01-03-2009 01:22 AM
Vikrant
Assuming you only want the user vlan to be able to access the Internet a temporary solution if you cannot add routes to the 3G internet modem is to put the internet modem into the same vlan as the user vlan. That way the modem would know how to get to the client devices.
Security would be a concern though, altho it's not clear at the moment whether you have any acl's in use on the 3560.
Jon
01-03-2009 01:48 AM
Dear Jon,
Thanks. I have done exactly what you have said.
I have put the modem in the same VLAN as of the users. But still for the users, the switch is dynamically assigning IP addresses with 10.185.34.1 as the default gateway whereas the modem IP address is 10.185.34.100. Therefore to make the internet work I had to manually assign IP address to the clients with default gateway as 10.185.34.100. And by doing so, the net is working but users are not able to access any of the network resources. Which are in the server VLAN.
Regards
Vik
01-03-2009 05:56 AM
Vik
You need to change the default route on the 3560 switch ie.
ip route 0.0.0.0 0.0.0.0 10.185.34.100
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide