Hi,
I am creating a public segment for Guest wireless and Video Conferencing equipment would allow external client using it.
As you can see from the diagram below, the connection from Cisco Router 881 to internet and PIX 515E to Cisco 881 are working fine. I can surf internet by direct plug in to the Router or PIX.
The issues encountered are that I was unable to surf to internet by plug in the Computer to Cisco Switch 2960.
The Cisco Switch 2960 are set to VLAN 90 and assigned to the remaining 24 ports. As we need to plug in Wireless AP to this switch the VLAN setting is a must.
If I change the port to trunk, it was able to surf the internet. So, it must be something to do with the VLAN and routing.
Appreciate if anyone can advise or tell me what is wrong with the setup. Thank you.
Config for CIsco 881:-
interface FastEthernet0
description Public LAN Segment
switchport access vlan 95
!
interface FastEthernet1
!
interface FastEthernet2
!
interface FastEthernet3
!
interface FastEthernet4
ip address 203.125.1.2 255.255.255.252
duplex full
speed 100
traffic-shape rate 20480000 1280000 1280000 1000
!
interface Vlan1
no ip address
!
interface Vlan95
ip address 203.125.2.2 255.255.255.240
!
ip route 0.0.0.0 0.0.0.0 203.125.1.1
!
access-list 101 permit ip any any
!
Config for PIX 515E:-
interface Ethernet0
nameif Internet
security-level 0
ip address 203.125.2.1 255.255.255.240
!
interface Ethernet1
nameif Internal
security-level 90
ip address 192.168.1.254 255.255.255.0
!
access-list 101 extended permit ip any any
global (Internet) 1 interface
nat (Internal) 1 192.168.1.0 255.255.255.0
access-group 101 in interface Internal
route Internet 0.0.0.0 0.0.0.0 203.125.28.174 1
!
Cisco 2960 Config:-
!
interface FastEthernet0/1
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/2
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/3
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/4
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/5
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/6
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/7
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/8
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/9
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/10
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/11
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/12
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/13
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/14
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/15
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/16
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/17
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/18
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/19
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/20
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/21
switchport access vlan 90
switchport mode trunk
!
interface FastEthernet0/22
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/23
switchport access vlan 90
spanning-tree portfast
!
interface FastEthernet0/24
switchport access vlan 90
spanning-tree portfast
!
interface GigabitEthernet0/1
switchport mode trunk
!
interface GigabitEthernet0/2
switchport mode trunk
!
interface Vlan1
no ip address
shutdown
!
interface Vlan90
ip address 192.168.1.253 255.255.255.0
!
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 192.168.1.254
