Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
616
Views
0
Helpful
4
Replies

Routing Between VLANS on Layer 3 Switch

Translator
Community Manager
Community Manager

‎12-08-2022 06:39 AM - last edited on ‎12-08-2022 08:16 AM by Community Manager

Good morning everyone!

I have "one" Cisco Layer 3 Catalyst 2960-X Series Switch for backbone and "two" Cisco Layer 2 Business 220 Series Switches as the access switch.

I am working with 3 different VLANs: VLAN-1, VLAN-2, and VLAN-100.

However, when I configure the switch interface in VLAN-2 or VLAN-100, and the end device in these two bands, I do not have access to the internet. I wonder how I would create a routing for all VLANS/lanes to have internet access.

VLAN-1 - 192.168.1.0/24

VLAN-2 - 192.168.2.0/24

VLAN-100 - 192.168.100.0/24

Note: I have a pfSense as the default gateway (192.168.1.1). I don't know if you can influence anything.

Thank you in advance.

Labels:
0 Helpful
4 Replies 4

balaji.bandi
Hall of Fame
Hall of Fame

‎12-08-2022 08:22 AM

Make sure VLAN is allowed in the Trunk going from the core switch to the access switch

on Pfsense you need to add the new IP address to NAT for the internet to work. also from pfsense you need a static route back for that IP address towards vlan 100 IP configured on Core switch

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

KJK99
Level 1
Level 1

‎12-08-2022 09:30 AM

@Translator 

I think more information is needed about your configuration to give you some advice. pfSense and a L3 switch can be configured in a couple of ways.

Kris K
0 Helpful

paul driver
VIP
VIP

‎12-08-2022 03:33 PM

Hello
I assume the PfSence rtr/fw will be performing Nat for 192.168.1.0/24 subnet

So what you need to do is to append the nat policy on that rtr/fw to accommodate the two other vlans you have created on the switch (vlan 2 &100)

Then add two static routes for those subnets pointing to the switches vlan 1 interface On the switch enable ip routing and add a default route pointing to the pfSence rtr/fw

Example Sw:
ip routing
ip route 0.0.0.0 0.0.0.0 vlan 1 192.168.1.X name pfsence_nexthop


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

stumala
Community Manager
Community Manager
In response to paul driver

‎12-09-2022 02:30 AM

The static route for VLAN-1 was created by following this command: "ip route 0.0.0.0 0.0.0 vlan 1 192.168.1.1 name pfSense".

For VLAN-2 and VLAN-100 this would be:

"ip route 0.0.0.0 0.0.0.0 vlan 100 192.168.1.1 name pfSense".

"ip route 0.0.0.0 0.0.0.0 vlan 2 192.168.1.1 name pfSense".

Correct?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card