Solved: Broken VLAN Help!

pinoybot · ‎08-29-2018

Hi Cisco Gurus!

I am trying to setup a network via packet tracer, and trying to figure out why one of my network can't communicate. I believe my config is very wrong but I can't really enlighten myself, I greatly need some awesome correction/suggestions....

Basically, I am trying to allow VLAN 3 to be able to browse to 192.168.2.2.

hostname Switch

!

enable password 7 0822455D0A16

!

username admin privilege 1 password 7 0822455D0A16

!

spanning-tree mode pvst

spanning-tree extend system-id

!

interface FastEthernet0/1

!

interface FastEthernet0/2

!

interface FastEthernet0/3

!

interface FastEthernet0/4

!

interface FastEthernet0/5

!

interface FastEthernet0/6

!

interface FastEthernet0/7

!

interface FastEthernet0/8

!

interface FastEthernet0/9

!

interface FastEthernet0/10

switchport trunk allowed vlan 3

switchport mode trunk

!

interface FastEthernet0/11

!

interface FastEthernet0/12

!

interface FastEthernet0/13

!

interface FastEthernet0/14

!

interface FastEthernet0/15

!

interface FastEthernet0/16

!

interface FastEthernet0/17

!

interface FastEthernet0/18

!

interface FastEthernet0/19

!

interface FastEthernet0/20

switchport access vlan 3

switchport mode access

!

interface FastEthernet0/21

!

interface FastEthernet0/22

!

interface FastEthernet0/23

!

interface FastEthernet0/24

switchport trunk native vlan 100

switchport trunk allowed vlan 3

switchport mode trunk

!

interface GigabitEthernet0/1

!

interface GigabitEthernet0/2

!

interface Vlan1

no ip address

shutdown

!

interface Vlan3

mac-address 000c.8506.d401

ip address 192.168.3.2 255.255.255.0

!

interface Vlan50

mac-address 000c.8506.d402

ip address 192.168.3.100 255.255.255.0

!

line con 0

!

line vty 0 4

password 7 0822455D0A16

login local

line vty 5 15

login

!

end

Router#sh run

Building configuration...

Current configuration : 1056 bytes

!

version 15.4

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Router

!

no ip cef

no ipv6 cef

!

spanning-tree mode pvst

!

interface GigabitEthernet0/0/0

ip address 192.168.1.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface GigabitEthernet0/0/1

ip address 192.168.3.1 255.255.255.0

duplex auto

speed auto

!

interface Serial0/1/0

ip address 10.10.1.2 255.255.255.252

ip nat outside

clock rate 64000

!

interface Serial0/1/1

no ip address

clock rate 2000000

shutdown

!

interface Vlan1

no ip address

shutdown

!

router rip

version 2

network 10.0.0.0

network 192.168.1.0

network 192.168.3.0

no auto-summary

!

ip nat inside source list 1 interface Serial0/1/0 overload

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0/1/0

!

ip flow-export version 9

!

access-list 1 permit 192.168.1.0 0.0.0.255

access-list 1 permit 192.168.3.0 0.0.0.255

!

line con 0

!

line aux 0

!

line vty 0 4

login

Building configuration...

Current configuration : 855 bytes

!

version 15.4

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Router

!

no ip cef

no ipv6 cef

!

ip domain-name cisco.com

!

spanning-tree mode pvst

!

interface GigabitEthernet0/0/0

ip address 192.168.2.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface GigabitEthernet0/0/1

no ip address

duplex auto

speed auto

shutdown

!

interface Serial0/1/0

ip address 10.10.1.1 255.255.255.252

ip nat outside

!

interface Serial0/1/1

no ip address

clock rate 2000000

shutdown

!

interface Vlan1

no ip address

shutdown

!

ip nat inside source static 192.168.2.2 10.10.1.1

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0/1/0

!

ip flow-export version 9

!

line con 0

!

line aux 0

!

line vty 0 4

login

!

end

Router#

Router con0 is now available

Press RETURN to get started.

Router>en

Router#sh run

Building configuration...

Current configuration : 855 bytes

!

version 15.4

no service timestamps log datetime msec

no service timestamps debug datetime msec

no service password-encryption

!

hostname Router

!

no ip cef

no ipv6 cef

!

ip domain-name cisco.com

!

spanning-tree mode pvst

!

interface GigabitEthernet0/0/0

ip address 192.168.2.1 255.255.255.0

ip nat inside

duplex auto

speed auto

!

interface GigabitEthernet0/0/1

no ip address

duplex auto

speed auto

shutdown

!

interface Serial0/1/0

ip address 10.10.1.1 255.255.255.252

ip nat outside

!

interface Serial0/1/1

no ip address

clock rate 2000000

shutdown

!

interface Vlan1

no ip address

shutdown

!

ip nat inside source static 192.168.2.2 10.10.1.1

ip classless

ip route 0.0.0.0 0.0.0.0 Serial0/1/0

!

ip flow-export version 9

!

line con 0

!

line aux 0

!

line vty 0 4

login

I'd greatly appreciate any answers, thank you so much in advance.

Georg Pauwen · ‎08-30-2018

Hello,

the problem is most likely to be with inter-Vlan routing, as you don't have a subinterface configured for Vlan 3 on your router.

Best to post the .pkt file here so we can check your configs...

View solution in original post

Georg Pauwen · ‎08-30-2018

Hello,

the problem is most likely to be with inter-Vlan routing, as you don't have a subinterface configured for Vlan 3 on your router.

Best to post the .pkt file here so we can check your configs...

pinoybot · ‎08-30-2018

Hi Georg,
You're correct I should have attached it, and I will once I get back home. I posted the 2 router configs in my post last night, there's just a delay before it comes up. I will attach it here as a txt file for now.

Georg Pauwen · ‎08-30-2018

There are a few things that need to be verified, that is why it is easier to get the project file. The trunk link to your router has specified Vlan 100 as the native VLAN, is there a specific reason for that ?

pinoybot · ‎08-30-2018

I will definitely upload the pkt file later. I used vlan 100 thinking I have to since I'm using 100 as my native? I also have a question with my routing, I used a static at first but I added the RIP thinking that could be the reason why I can communicate to the web server.

Georg Pauwen · ‎08-30-2018

Is this a lab ?

Either way, using RIP is fine, you just need a way to get from router to router...

pinoybot · ‎08-30-2018

It's kind of a lab since I'm replicating a network I've seen. But since I'm using a VLAN, should I be using a sub interface on the router?

Router 0
interface GigabitEthernet0/0/1
ip address 192.168.3.1 255.255.255.0
duplex auto
speed auto

I'll set it to:

interface GigabitEthernet0/0/1.3
encapsulation dot1Q 3
ip address 192.168.3.1 255.255.255.0

I'll attach the pkt once I get home.

pinoybot · ‎08-30-2018

Looks like subinterface is the key. It worked now. I just realized that's how it works.

Georg Pauwen · ‎08-31-2018

Hello,

indeed that is what you need. The concept is called 'Router-on-a-stick'...

pinoybot · ‎08-31-2018

Awesome Thanks! I actually thought it's just for cheap network setup, didn't realize that's the concept purposedly for vlans.