Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1454
Views
90
Helpful
16
Replies

4500x interVLAN. Clients can't ping clients on some different VLANS

Adrian Ardelean
Level 1
Level 1

‎02-24-2022 05:09 AM

Hello,

I have a strange situation on my 4500X.

Clients from some VLANs cannot access resources on several VLANs.

I have this:

 

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.99.99.0/24 is directly connected, Vlan55
L 10.99.99.1/32 is directly connected, Vlan55
172.16.0.0/16 is variably subnetted, 18 subnets, 5 masks
C 172.16.0.0/26 is directly connected, Vlan3
L 172.16.0.1/32 is directly connected, Vlan3
C 172.16.5.0/24 is directly connected, Vlan1
L 172.16.5.1/32 is directly connected, Vlan1
C 172.16.6.0/26 is directly connected, Vlan10
L 172.16.6.1/32 is directly connected, Vlan10
C 172.16.20.0/24 is directly connected, Vlan8
L 172.16.20.1/32 is directly connected, Vlan8
C 172.16.100.0/22 is directly connected, Vlan2
L 172.16.100.1/32 is directly connected, Vlan2
C 172.16.150.0/24 is directly connected, Vlan223
L 172.16.150.1/32 is directly connected, Vlan223
C 172.16.155.0/26 is directly connected, Vlan50
L 172.16.155.1/32 is directly connected, Vlan50
C 172.16.200.0/24 is directly connected, Vlan222
L 172.16.200.1/32 is directly connected, Vlan222
C 172.16.250.0/28 is directly connected, Vlan250
L 172.16.250.1/32 is directly connected, Vlan250
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Vlan9
L 192.168.1.1/32 is directly connected, Vlan9

 

From VLAN 55 I can only access VLAN9, cannot access any VLAN with IP starting with 172.16.

Also, VLAN 55 is not accessible from any source with 172.16 IPs but VLAN 9 is.

 

Should I attach the running config also?

Any ideas?

Thanks a lot!

Adrian

 

Labels:
0 Helpful
16 Replies 16

Adrian Ardelean
Level 1
Level 1
In response to Georg Pauwen

‎02-28-2022 05:47 AM

Hi Georg,

 

I need specific external IP / IP pools for each VLAN with specific bandwidth management.

So I have an interface on fortigate for   each VLAN.

Didn't think on other solution.

 

Thank you,

Adrian

paul driver
VIP
VIP

‎02-28-2022 06:37 AM

Hello
You need to review the access-lists pertaining to your PBR policy’s, Begin with removing all PBR policy’s from the SVIs and then possibly look at pushing everything via the internet path and then PBR on specific source/destination traffic to alternative next hops


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card