SG500-28P Inter VLAN Issue - Unable to route

MPRB_Ops · ‎01-29-2018

Hi all,

We have a new SG500-28p set to layer 3, and are having issues routing traffic between VLANs. Our network design for this switch is very simple. Here is the basis for our issue:

VLAN 1 - Data (default), IP is 10.128.114.253

VLAN 100 - Voice, IP is 10.100.114.253

VLAN 10 - Internet Backbone, IP is 10.255.255.10

Basically, we need to have VLAN's 1 and 100 route to VLAN 10 in order to egress the switch and communicate out to the internet/network.

The strange thing is, if we use PUTTY to manage the switch remotely, we can ping to the Internet or any egress point. However, when we configure a port for either VLAN 1 or 100, then configure a laptop with the proper IP info and plug it into to said port, we are unable to ping beyond the VLAN it's in (i.e. if plugged into Port 1/VLAN1, we are unable to ping Port 2/VLAN100 or Port3/VLAN10, etc.).

I've set the ports to General, Access, and Trunk, and no matter what configuration I use we are still unable to route traffic from VLANs 1 and 100, to VLAN 10.

Any ideas/tips would greatly be appreciated! Thanks!

Here's a snippit of the config file (edited to save space):

---------------------------------------------------------

config-file-header
SWITCH

v1.4.2.4 / R800_NIK_1_4_194_194
CLI v1.0
set system mode router queues-mode 4

file SSD indicator encrypted
@
ssd-control-start
ssd config
ssd file passphrase control unrestricted
no ssd file integrity control
ssd-control-end cb0a3fdb1f3a1af4e4430033719968c0
!
vlan database
vlan 10,100
exit
hostname SWITCH

interface vlan 1
ip address 10.128.114.253 255.255.255.0
no ip address dhcp
!
interface vlan 100
name Voice
ip address 10.100.114.254 255.255.255.0
!
interface vlan 10
name INTERNET
ip address 10.255.255.10 255.255.255.0
!
interface gigabitethernet1/1/1
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 10 untagged
!
interface gigabitethernet1/1/2
spanning-tree portfast
switchport mode general

switchport general allowed vlan add 10 untagged
!
interface gigabitethernet1/1/3
spanning-tree portfast
switchport mode general
switchport general allowed vlan add 10 untagged
switchport general pvid 10
!
exit
ip default-gateway 10.255.255.10
ip route 10.100.0.0 /16 10.255.255.254
ip route 10.128.0.0 /16 10.255.255.254

lucaslara · ‎01-29-2018

You enable the ip routing?

configure too the PVID in the interfaces.

MPRB_Ops · ‎01-29-2018

Hi and thanks for getting back to me!

Yes, IP Routing is enabled. The PVID for all ports is ticked and the default VLAN is (VLAN1) is untagged.

Another strange thing... if I change the ports so the default VLAN is tagged, then I lose all connectivity back to the switch. So all the ports are trunked, and all VLANs are tagged to each port except the default VLAN is untagged. Not sure if that makes sense?

lucaslara · ‎01-29-2018

You activate the L3 mode?

MPRB_Ops · ‎01-29-2018

Yes, absolutely! L3 mode is enabled.

lucaslara · ‎01-29-2018

Check your ip route.

lucaslara · ‎01-29-2018

SG500-28P Inter VLAN Issue - Unable to route

Cisco Business Product Family

Cisco Switching Product Family