Re: Routing to Layer 2 VLAN

martynch1 · ‎12-15-2022

Hi, wondering if you could help me with network, I have very limited options on changing the Wireless Bridge IP's and VLANS which are all on VLAN 2, as are all the clients which I'm moving away, I'm hoping to keep VLAN as the management VLAN

The Plusnet Router as an IP address of 192.168.2.254 and the connected R1 interface has an IP address of 192.168.253

From .253 I can ping .254 (SW1) so all good there, everything to the right of SW1 I can not ping.

From SW2 (192.168.2.243) I can ping and connect to everything on the right side of SW2, but I can not ping or connect to .254 or .254 All connoted PC's and Wireless clients can access the internet.

I'm sure that this is because all the connected interfaces are on VLAN 2 and the connected interface on the Router is a static IP address, although I could be wrong.

I'm wondering if there is anything I can do on the router that I can do to tell it how to get to the other Switches, below is a snippet of all the kits interfaces and Router config.

R1
Network I'm creating VLANS to move all the clients away from VLAN 2
!
ip dhcp pool FSM
network 192.168.20.0 255.255.255.0
default-router 192.168.20.254
dns-server 8.8.8.8 4.4.4.4
!
ip dhcp pool THERA
network 192.168.30.0 255.255.255.0
default-router 192.168.30.254
dns-server 8.8.8.8 4.4.4.4
!
ip dhcp pool CAWFC
network 192.168.10.0 255.255.255.0
default-router 192.168.10.254
dns-server 8.8.8.8 4.4.4.4
!
interface GigabitEthernet0/0/0
description UPLINK TO PLUSNET ROUTER
ip address 192.168.2.200 255.255.255.0
ip nat outside
negotiation auto
spanning-tree portfast
!
interface GigabitEthernet0/1/7
description Uplink SW2
switchport mode trunk
spanning-tree portfast
!
ip route 0.0.0.0 0.0.0.0 192.168.2.254

SW1 2 and 3 are all the same and have trunked ports to each other.

interface Vlan2
ip address 192.168.2.x 255.255.255.0
!
ip default-gateway 192.168.2.253

Hope you can help me resolve this for me
Thanks,
Martyn

balaji.bandi · ‎12-16-2022

everything to the right of SW1 I can not ping. i do not see SW1 in your diagram - i take this as SW2

the way you looking to do not going to work.

Since Router not have extended that VLAN all over (until you like to BVI Interface.) bridging your GigabitEthernet0/0/0 and GigabitEthernet0/1/17

From SW2 (192.168.2.243) I can ping and connect to everything on the right side of SW2 - this is expected since all are in same VLAN 2 domain

but I can not ping or connect to .254 or .254 - as mentioned above this is not oging to work,

All connoted PC's and Wireless clients can access the internet. - Not sure how this going to work ? (may be the clients connected to Router AP - may work) that was my guess since you have not posted router full config, and we do not see any of your NAT config, what IPaddress will Wireless client get.

Not sure what model of the Router - and pot full config here to suggest better :

high level : (on router)

If you can create a VLAN and make all the interface VLAN 2 or any other vlan you looking to do - that should work as expected :

Also make sure VLAN interface out and inside NAT and ACL also should cover all the network address to do NAT to get internet

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

martynch1 · ‎12-16-2022

Sorry, I posted in a rush last night, I will fix the diagram and post full configs later.

Thank for responding

balaji.bandi · ‎12-16-2022

Sure i can understand update the diagram and also post other information as requested, so we can see how you can fix and challanges.

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

KJK99 · ‎12-16-2022

@martynch1

The description of the configuration is not entirely clear to me, either, but it looks like the problem is in how the link between R1 and Plusnet Router is defined.

Can you disable NATting on R1? If you can, than define also some static routes in Plusnet Router for the other subnets so replies from Internet can reach their destinations. If you cannot, Plusnet Router needs to be set up in a completely different subnet. You can create for it in R1 an extra VLAN or a routed port.

Kris K