Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2712
Views
0
Helpful
5
Replies

SGE 2010 inter vlan routing problem

Go to solution
cividan-forum
Level 1
Level 1

‎12-16-2011 12:57 PM

Ok back to basic, I was trying to setup complicated things that didn't work so now I start from the base.

I'm trying to setup my cisco SGE2010 48 ports gigabits switch to do inter-vlan routing.

so far I have set the switch in layer 3 mode from the telnet console and rebooted it.

went into the web interface and changed the default management vlan ip to 192.168.2.3

added vlan 70 and vlan 180 from bridging, vlan mangement section

under IP addressing, IPv4 interface, I added IP address for each vlan as follow:

IP address           Mask                Interface

192.168.70.3       255.255.255.0    VLAN 70

192.168.180.3     255.255.255.0    VLAN 180 

next I went into bridging, vlan management, vlan to port:

defined port g1 as access to vlan 70

defined port g2 as access to vlan 180

connected computer A to port g1 with static IP 192.168.70.200 mask 255.255.255.0 gateway 192.168.70.3

connected computer B to port g2 with static IP 192.168.180.180 mask 255.255.255.0 gateway 192.168.180.3

i then go into routing, static routing: I see the destination IP of 192.168.70.0 /24 as local route type and same for 192.168.180.0 /24 as local route type

on computer A I ping the gateway of 192.168.70.3 and it works

on computer B I ping the gateway of 192.168.180.3 and it works

problem is that they cannot ping each other, windows firewall is off on both computer.

If I do a tracert on any of the computer it reach the default gateway but then times out on the second hop.

any suggestion of what I might have done wrong and solution to fix the problem would be appreciated.

Edit: here is the running config if it might help:

Cisco-SGE2010# show running-config

vlan database

vlan 70,180

exit

interface range ethernet g(1,26)

switchport access vlan 70

exit

interface ethernet g2

switchport access vlan 180

exit

interface vlan 70

name printer

exit

interface vlan 180

name wireless

exit

interface vlan 1

ip address 192.168.2.3 255.255.255.0

exit

interface vlan 70

ip address 192.168.70.3 255.255.255.0

exit

interface vlan 180

ip address 192.168.180.3 255.255.255.0

exit

hostname Cisco-SGE2010

snmp-server location here

snmp-server contact Me

Cisco-SGE2010#

Labels:
Preview file
403 KB
Preview file
171 KB
Preview file
399 KB
Preview file
242 KB
Preview file
482 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
rmanthey
Level 4
Level 4
In response to cividan-forum

‎12-19-2011 06:30 AM

If you can ping both the switches interface the routing is working. You might have to disable the Windows firewall or open up the firewall to allow ICMP from a different subnet. Windows Vista and 7 by default will block ICMP from any other subnet then thier own.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

View solution in original post

0 Helpful
5 Replies 5

Go to solution
rmanthey
Level 4
Level 4

‎12-16-2011 01:58 PM

Hello Dany,

Thank you for using the community forums.

Have you tried from the 70.x network to ping the 180.3 ? or vise versa? 180.x to the 70.3?

Is there an entery for both computers on the switches arp table?

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

0 Helpful

Go to solution
cividan-forum
Level 1
Level 1
In response to rmanthey

‎12-16-2011 02:42 PM

Hi, thanks for the reply, yes I did try to ping the other vlan gateway and I do get an answer from it, I also tried from whithin the swith to ping or trace to any of the computer and I don't get any response. As for the arp table I think there were entry there but I can't confirm as I left the office already.

0 Helpful

Go to solution
rmanthey
Level 4
Level 4
In response to cividan-forum

‎12-19-2011 06:30 AM

If you can ping both the switches interface the routing is working. You might have to disable the Windows firewall or open up the firewall to allow ICMP from a different subnet. Windows Vista and 7 by default will block ICMP from any other subnet then thier own.

Cisco Small Business Support Center

Randy Manthey

CCNA, CCNA - Security

0 Helpful

Go to solution
cividan-forum
Level 1
Level 1
In response to rmanthey

‎12-19-2011 06:52 AM

Hi, when I do a tracert to the second vlan IP, I get a reply from on the first link:

from the 192.168.70.200 client I do tracert 192.168.180.3

1  <1 ms  4 ms  4 ms 192.168.180.3

this tells me that I do not actually "reach" the 2nd gateway but instead the switch just reply saying "hey this ip is me so lets reply"

Still from the 192.168.70.200 client I do tracert 192.168.180.180 (computer b ip)

1   < 1 ms   4 ms   4ms  192.168.70.3

2       *         *           *          delay expired (translated from french computer)

3       *         *           *          delay expired (translated from french computer)

this gets me thinking that the switch isn't even talking to itself. Also from whithin the switch I cannot do a traceroute to any of the connected computer or gateway. I always get the answer host unreachable when trying to traceroute the gateway and * * * when trying to traceroute the client.

0 Helpful

Go to solution
cividan-forum
Level 1
Level 1
In response to rmanthey

‎12-19-2011 12:11 PM

Hi, thanks for the head up, I had windows firewall disable but only  for domain profile so when the computer was losing connection to domain  to connect on new switch firewall was showing disable for but only for  domain profile while I was currently not connected to domain profile and  this lead to confusion. Which cisco helped me to figure out.

0 Helpful
Customers Also Viewed These Support Documents