Solved: Difficulty connecting SG500-28 L3 switch to a Draytek Router

chris-osborne · ‎01-23-2013

Hi All,

I'm really struggling with this one. I have an SG 500-28 L3 switch with a working trunk link to two other L2 switches. I am trying to allow hosts in the VLANS to access the outside world.. the L3 switch is connected to a Draytek router. I have assigned an IP address to one of the ports and have set routing in both directions from L3 to Router. I can ping from the L3 switch to the router and from the router to the L3 switch, but no hosts in any VLAN can ping further than the IP interface 192.168.254.253. Can anyone help with this? Is there something specific to this switch I am missing? IP routing is enabled on the L3 switch.

The L3 config is here:

switch8abb2b

v1.2.7.76 / R750_NIK_1_2_584_002

CLI v1.0

file SSD indicator encrypted

@

ssd-control-start

ssd config

ssd file passphrase control unrestricted

no ssd file integrity control

ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0

!

vlan database

vlan 10,20,30,100

exit

voice vlan oui-table add 0001e3 Siemens_AG_phone________

voice vlan oui-table add 00036b Cisco_phone_____________

voice vlan oui-table add 00096e Avaya___________________

voice vlan oui-table add 000fe2 H3C_Aolynk______________

voice vlan oui-table add 0060b9 Philips_and_NEC_AG_phone

voice vlan oui-table add 00d01e Pingtel_phone___________

voice vlan oui-table add 00e075 Polycom/Veritel_phone___

voice vlan oui-table add 00e0bb 3Com_phone______________

bonjour interface range vlan 1

hostname switch8abb2b

username cisco password encrypted 0c4d0931711a0e9cb22337c1adbe39091ad15a73 privilege 15

!

interface vlan 1

ip address 192.168.1.230 255.255.255.0

no ip address dhcp

!

interface vlan 10

name SERVERS

ip address 10.0.10.254 255.255.255.0

!

interface vlan 20

name WARDS

ip address 10.0.20.254 255.255.255.0

!

interface vlan 30

name LAB

ip address 10.0.30.254 255.255.255.0

!

interface vlan 100

name ITECH

ip address 192.168.12.254 255.255.255.0

!

interface gigabitethernet1/1/1

switchport trunk allowed vlan add 10,20,30,100

switchport default-vlan tagged

!

interface gigabitethernet1/1/24

ip address 192.168.254.253 255.255.255.0

!

ip route 0.0.0.0 0.0.0.0 192.168.254.254

The draytek routing table is here:

Key: C - connected, S - static, R - RIP, * - default, ~ - private

* 0.0.0.0/ 0.0.0.0 via 172.16.0.1 WAN2

S~ 10.0.0.0/ 255.255.0.0 via 192.168.254.253 LAN1

S~ 192.168.12.0/ 255.255.255.0 via 192.168.254.253 LAN1

S~ 192.168.1.0/ 255.255.255.0 via 192.168.254.253 LAN1

C~ 192.168.254.0/ 255.255.255.0 directly connected LAN1

C 172.16.0.0/ 255.255.0.0 directly connected WAN2

I am also getting this error periodically on the L3 switch. Not sure if it is related to the problem.

switch8abb2b#19-Jul-2012 18:37:27 %CDP-W-NATIVE_VLAN_MISMATCH: Native VLAN mismatch detected on interface gi1/1/1.

Any help would be greatly appreciated!

Chris

Tom Watts · ‎01-23-2013

Hi Chris, the problem would appear to be the router. It either doesn't support dot1q trunk/sub interface or you're missing static routes pointing back to the SVI of the switch.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

View solution in original post

chris-osborne · ‎01-23-2013

I should just add that traffic flows between internal VLANs without a problem.

Chris

Tom Watts · ‎01-23-2013

Hi Chris, the problem would appear to be the router. It either doesn't support dot1q trunk/sub interface or you're missing static routes pointing back to the SVI of the switch.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

chris-osborne · ‎01-24-2013

Hi Tom thanks for your response. The problem is sorted now, I needed to put

interface gigabitethernet1/1/24 into an SVI with an IP address as the switch did not support routed ports.

Many thanks,

Chris