Solved: Traffic Not Being Routed Through L3 Switch

garrett_j17 · ‎03-16-2015

Hi all,

I have a situation that I'm not sure whats going on. I have a L3 switch configured with 2 VLANs....5 & 10. This switch is connected to L2 switch also with VLANs 5 & 10. I have routing between the VLANs being done on my L3 switch and that seems to be working fine as I can ping devices within each VLAN. My issue is that I've added a ADSL modem to equation which is connected to a port on L2 switch assigned to VLAN 10.

From the L3 switch I can ping public addresses like 4.2.2.2 but I can't however do the same from the L2 switch. I did a traceroute and can see that my traffic makes it to the modem but goes dead once it passes there. I also have the appropiate routes in the modem (i think) to route traffic back in.

I've uploaded a basic diagram hoping that you get the jist of my issue.

Regards

Jon Marshall · ‎03-16-2015

Is the L2 switch SVI in vlan 5 ?

If so what is the route you added to the modem for the vlan 5 IP subnet ?

In addition to the route have you added NAT for the vlan 5 subnet on the modem ?

Note some modems will only NAT for the locally connected subnet. If this is the case your setup won't work unless your switch happens to be a 6500 where you could do NAT for the vlan 5 IP subnet.

Jon

View solution in original post

Jon Marshall · ‎03-16-2015

Is the L2 switch SVI in vlan 5 ?

If so what is the route you added to the modem for the vlan 5 IP subnet ?

In addition to the route have you added NAT for the vlan 5 subnet on the modem ?

Note some modems will only NAT for the locally connected subnet. If this is the case your setup won't work unless your switch happens to be a 6500 where you could do NAT for the vlan 5 IP subnet.

Jon

garrett_j17 · ‎03-16-2015

Hi Jon,

Now that you mentioned it.....im not sure if created an SVI on the L2 switch. I however did create one for both networks on my L3 switch (10.1.5.1 & 10.1.10.2) I'll add SVIs to the L2 switch and give it a go. If that doesnt work then i'll look into NAT for my 10.1.5.0 network.

Thanks

garrett_j17 · ‎03-18-2015

So i think the issue here was that the modem would only NAT for the locally connected subnet. Once I moved it to VLAN 5.......it worked like charm and the reverse now happened with VLAN 10.

Jon Marshall · ‎03-18-2015

So are you saying you can only get it working for one of the vlans but not both ?

If so then it is a common limitation with modems in that they will only do NAT for the connected subnet.

Some will do other subnets, some won't.

You don't say what model your L3 switch but you will be lucky if it supports NAT as most don't.

For NAT you usually need a firewall or router.

Jon

garrett_j17 · ‎03-19-2015

Jon,

This is correct. It only worked for one VLAN at a time which concludes that it only NAT for the locally connected subnet. Oh..........and I have a Cisco 3750x switch with L3 functionality.

Jon Marshall · ‎03-19-2015

Unfortunately your switch doesn't support NAT so you can't do what you are trying to do.

There really isn't a workaround I'm afraid, you would just have to have everything in the same vlan if you needed internet access for all devices.

Unless your modem supported trunking and subinterfaces which I doubt very much as I have never come across those before

Jon