VLAN client can't Access Web with Web Browser - ping, telnet, tracert, nslookup works

rend · ‎07-10-2018

Hi there,

i have some problem with my network, let's say.. my topology is like this :

Router - Cisco C2960-X (Vlan 1 & 100) - VM Host

> Internet Connected to Vlan1 - and from Vlan1 to Router (port1) : WAN

> VM Host Connected to Vlan100 - and from Vlan100 to Router (port4) : LAN gateway

>>the switch is new, and i only configured security access and VLAN.

i've configured everything in the Router (NAT, firewall, etc) and everything works fine.. until i tried browsing some web with Windows Client. I only using Linux (console/terminal only) as VM host before~

using network Testing tools, the results are like this :
Ping - works, Nslookup - works, Tracert - works, Telnet - works, webBrowser(IE, Firefox,Ms.Edge) - fails (says dns error something)

tried all above to twitter, facebook, cisco, etc. (screenshot attached)

if i access the web with links(linux command webbrowser), the page(text) loaded. But can't browse using Linux with Desktop env. too.. (debian with firefox browser).

i've asked the Router Support about this too, but it seems like the problem is not from the Router Config.

if i use public IP in host and connect it to VLAN1, i can browse with the web browser...

So only from the VLAN100 i can't browse.

has anyone ever experienced something like this?

raluani · ‎07-11-2018

Hello Dear Customer,

My name is Rozana and i am an engineer from the SMB team.

1. Please note that the catalyst series are an Enterprise class, so you should post in their section.

2.If the switch does the intervlan routing, and its default GW is the Router, then the Router should have a static router for the second VLAN / Subnet, so the traffic will be directed back to the switch once it returns.

Please mark this post as helpful if this resolves your issue.
If your topology is different, please share more information, so we can try to assist further.

Regards

rend · ‎07-11-2018

hi there,
Thanks for the reply..

1. Sorry for posting in wrong section, my first post and still not sure where to post this. Noted! should i post this again in correct section or let it here for now?

2. AFAIK, intervlan routing is when the traffic from multiple VLAN goes through Trunk port/link right? no the switch isn't doing intervlan routing, every vlan has it's own link to the Router.. the topology is like this :all the routing is working normally, as you can see in my first Screenshot (in attachment), i could ping any website.. but the problem is i can't access/load any page from web browser.

is there any way that the switch is filtering/blocking something?

raluani · ‎07-11-2018

Hi,

Yes, so If the Router is VLAN aware, then this shouldn't be an issue.
If you can ping a Website, but can not open it in a browser, then it could be a DNS issue.
Have you tried to put 8.8.8.8 as a DNS on your end user?

The switch shouldn't be blocking any traffic unless there is an access list for it.

If with the Google DNS, the Websites still don't work, then it is best to move this thread to the Enterprise section, as there might be something specific that we are missing.
https://supportforums.cisco.com/t5/lan-switching-and-routing/bd-p/6016-discussions-lan-switching-routing

Regards.

rend · ‎07-11-2018

hi,

yes, i tried using google DNS, openDNS, etc on my end user and the website still don't work..

it's confusing, maybe it's DNS issue.. but how's nslookup work if it's DNS issue? >.<

sure i'll try to move this to Enterprise section, thanks for the link and the support btw~