Trying to ping from vlan to default gateway with no success.

Roberto Soto · ‎02-26-2014

Hello, in my home lab, I have a Cisco 871W named cants. I connected cants to my BT (ISP) router (BT.homeblahblah) using the wan link f 4, then I created a vlan 2 and assign it to por f1 on the 871 router. Im unable to ping from that vlan to router 192.168.1.254 which is my bt router.

Please see my config file:

Building configuration...

Current configuration : 1845 bytes

!

version 12.4

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

service password-encryption

!

hostname cants

!

boot-start-marker

boot-end-marker

!

enable secret 5

!

no aaa new-model

!

dot11 syslog

ip cef

!

no ip domain lookup

ip domain name canterburyhub.local

!

no spanning-tree vlan 1

no spanning-tree vlan 2

username

!

archive

log config

hidekeys

!

ip ssh version 2

!

interface FastEthernet0

!

interface FastEthernet1

switchport access vlan 2

!

interface FastEthernet2

switchport mode trunk

!

interface FastEthernet3

switchport mode trunk

!

interface FastEthernet4

description INTRANET ROUTER CONNECTION

ip address 192.168.1.253 255.255.255.0

ip access-group 100 in

speed 100

full-duplex

!

interface Dot11Radio0

no ip address

shutdown

speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0

station-role root

!

interface Vlan1

ip address 172.16.0.1 255.255.0.0

!

interface Vlan2

ip address 172.18.0.1 255.255.0.0

!

ip forward-protocol nd

ip route 0.0.0.0 0.0.0.0 192.168.1.254

ip route 192.168.1.0 255.255.255.0 192.168.1.254

!

no ip http server

no ip http secure-server

!

access-list 100 permit ip any any

access-list 101 permit ip any any

!

control-plane

!

banner motd ^CC

**********************************************

DO NOT LOG ON

**********************************************

^C

!

line con 0

password 7 12290446431C5C162E

logging synchronous

login

no modem enable

line aux 0

password 7 12290446431C5C162E

login

line vty 0 4

password 7 12290446431C5C162E

logging synchronous

login local

transport input ssh

!

scheduler max-task-time 5000

end

cants#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.1.254 to network 0.0.0.0

C 172.18.0.0/16 is directly connected, Vlan2

C 192.168.1.0/24 is directly connected, FastEthernet4

S* 0.0.0.0/0 [1/0] via 192.168.1.254

cants#sh ip int brief

Interface IP-Address OK? Method Status Protocol

Dot11Radio0 unassigned YES NVRAM administratively down down

FastEthernet0 unassigned YES unset down down

FastEthernet1 unassigned YES unset up up

FastEthernet2 unassigned YES unset up down

FastEthernet3 unassigned YES unset up down

FastEthernet4 192.168.1.253 YES NVRAM up up

Vlan1 172.16.0.1 YES NVRAM up down

Vlan2 172.18.0.1 YES NVRAM up up

Now when I try to ping from a laptop connected using a cable to f 1 I get request timed out. Also when I try to pring from the router, nothing:

cants#ping 192.168.1.254 source 172.18.0.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.1.254, timeout is 2 seconds:

Packet sent with a source address of 172.18.0.1

.....

Success rate is 0 percent (0/5)

I hope I have given enough information, but please let me know if you need more. I understand the the basics how vlan advertise themselves, I understand the basics of routing, thats why I created 192.168.1.254 (BT router) as my last resort default gateway, so that everything can go there if no other route given.

Many thanks in advance.

Jon Marshall · ‎02-26-2014

The BT router does not know how to get to that subnet.

So you have two options -

1) add a route to the BT router. Don't know the syntax for that but in IOS it would be -

ip route 172.18.0.0 255.255.0.0 192.168.1.253

2) if you can't add a route to the BT router then you can NAT all your 172.18.x.x addresses to 192.168.1.253 because your BT router knows how to get to that so on your router -

int vlan 2

ip nat inside

int fa4

ip nat outside

access-list 101 permit ip 172.18.0.0 0.0.255.255 any

ip nat inside source list 101 interface fa4 overload

Jon

Roberto Soto · ‎02-26-2014

Hello Jon,

Many thanks for your reply. I thought about what you has just replied which I appreciated because reassure me. I figured out with your reply where I failed. When I tracert from a windows machine on vlan 2 (172.18.0.2) to 192.168.1.254 I saw that it stopped on 172.18.0.1, so I thought I must be missing something because Im not getting a reply from .253, but I guess now that 192.168.1.253 its not on route, so therefore the next hop is 192.168.1.254 which is on my route table.

Again, thank you very much for your time and reply.