Well I elimanted all vlans to start from scratch since I have no idea what Im doing 
I am currently using 3 static wan Ips which are assigned to 3 individule routers 192.168.x.2
these all are conneted to ports on the c3650 and the forwarding from the router,s sends them to the correct server 
I just cant access these from a workstation without adding alternate ips to the workstation

Local subnets are 192.168.2.0/24    192.168.3.0/24 and 192.168.4.0/24

What is the best way to handle this ?
Thank You

Well this is a home lab so I dont really have anything drawn up 
It is 3 seperate TP-Link network routers each with there own wan address and lan address
connected to a Comcast Business gig network

Router 1 50.XXX.XXX,29 /192.168.2.2 It's running a dhcp server for the main network of 192.168.2.0/24
Router 2  50.XXX.XXX.27/192.168.3.2 
Router 3 50.XXX.XXX.25/192.168.4.2
ALL 3 routers have port forwarding enabled and doing as intended
all 3 are connected to the Cisco C3650 on ports 45,47 and 48
all the sites that get connected to on the wan run on my esxi server 
I just want to be able to communicate with router 2 and 3 network from router 1 network
Hope this helps

Hello,

I made some changes to your config (important parts marked in bold). I have used Vlan 10,20, and 30. 

Building configuration...
Current configuration : 12552 bytes
!
! Last configuration change at 11:57:00 UTC Mon Jan 29 2024 by john
!
version 16.12
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service compress-config
service call-home
no platform punt-keepalive disable-kernel-core
platform management port rate-limt-enabled
!
hostname POE-Switch
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging console emergencies
enable secret 9 $14$BS94$A5XvvZilC4IizE$kDTcSSM3KDA9NW09sW7WAocfqhEcFahbWRguPruhX9Q
!
aaa new-model
aaa local authentication default authorization default
!
aaa authentication login default local
aaa authorization exec default local
aaa authorization network default local
!
aaa session-id common
boot system switch all flash:cat3k_caa-universalk9.16.12.10a.SPA.bin
clock timezone UTC -5 0
clock summer-time UTC recurring
switch 1 provision ws-c3650-48ps
!
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
no destination transport-method email
!
no login on-success log
!
no device-tracking logging theft
!
table-map AutoQos-4.0-Trust-Cos-Table
default copy
!
crypto pki trustpoint TP-self-signed-1716188296
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1716188296
revocation-check none
rsakeypair TP-self-signed-1716188296
!
crypto pki trustpoint SLA-TrustPoint
enrollment pkcs12
revocation-check crl
!
crypto pki certificate chain TP-self-signed-1716188296
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31373136 31383832 3936301E 170D3234 30313131 31393433
33345A17 0D333030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37313631
38383239 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A7E9 0CDD5EF9 9DBB3419 4AC2A3D0 4A75AF3A 1E6E20EB 75F67629 5524A40F
EA05AFA3 90FC6F00 221C2DAF 37209B18 BCFFA5A0 3B3D174D B8D3E633 A712CBDA
1CF91EAE C2C9FEF3 15882D06 33C9B22F 8999F934 615433C4 A0B0E4C8 6E659520
2B1F8B23 6662E72A 5E2B2ABA 65E17EE4 735A8292 9FDA2E23 5A909922 67C083F6
031B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 140726FA 38B330E9 74C0687E D046AE8A DB759FA9 DB301D06
03551D0E 04160414 0726FA38 B330E974 C0687ED0 46AE8ADB 759FA9DB 300D0609
2A864886 F70D0101 05050003 81810011 E57B5E5A 6D770CFA A95355E3 E1862D99
86F0B111 0D66B6F1 29ACC685 08431059 923B5A71 0ACF7A1B 2315D2CC 0C5F2F22
4592637E A3390F39 B7414E6D BE3703C0 51E4CD89 4BE90907 54922BEE AD13647A
B0D76085 874A56BB 4E7455A0 1CF2F2FD AE96D2A0 BF7B48A1 BB84ACAF BF7E7DE6
0DA917D7 63A52C88 1647FA75 39220C
quit
crypto pki certificate chain SLA-TrustPoint
certificate ca 01
30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363
6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934
3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305
43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720
526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030
82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D
CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520
1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE
4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC
7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188
68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7
C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191
C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44
DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201
06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85
4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500
03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905
604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B
D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8
467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C
7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B
5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678
80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB
418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0
D697DF7F 28
quit
!
license boot level ipbasek9
!
diagnostic bootup level minimal
!
spanning-tree mode pvst
spanning-tree extend system-id
memory free low-watermark processor 79468
!
username cisco privilege 15 password 0 password
username john privilege 15 password 0 password
!
redundancy
mode sso
!
ip routing
!
transceiver type all
monitoring
hw-switch switch 1 logging onboard message
!
class-map match-any AutoQos-4.0-Output-Multimedia-Conf-Queue
match dscp af41 af42 af43
match cos 4
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any AutoQos-4.0-Output-Bulk-Data-Queue
match dscp af11 af12 af13
match cos 1
class-map match-any system-cpp-default
description EWLC control, EWLC data, Inter FED
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, High Rate App, Exception, EGR Exception, NFL SAMPLED DATA, RPF Failed
class-map match-any AutoQos-4.0-Output-Priority-Queue
match dscp cs4 cs5 ef
match cos 5
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any AutoQos-4.0-Output-Multimedia-Strm-Queue
match dscp af31 af32 af33
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any AutoQos-4.0-Output-Trans-Data-Queue
match dscp af21 af22 af23
match cos 2
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping
class-map match-any system-cpp-police-system-critical
description System Critical and Gold Pkt
class-map match-any AutoQos-4.0-Output-Scavenger-Queue
match dscp cs1
class-map match-any AutoQos-4.0-Output-Control-Mgmt-Queue
match dscp cs2 cs3 cs6 cs7
match cos 3
!
policy-map AutoQos-4.0-Output-Policy
class AutoQos-4.0-Output-Priority-Queue
priority level 1 percent 30
class AutoQos-4.0-Output-Control-Mgmt-Queue
bandwidth remaining percent 10
queue-limit dscp cs2 percent 80
queue-limit dscp cs3 percent 90
queue-limit dscp cs6 percent 100
queue-limit dscp cs7 percent 100
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Conf-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Trans-Data-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Bulk-Data-Queue
bandwidth remaining percent 4
queue-buffers ratio 10
class AutoQos-4.0-Output-Scavenger-Queue
bandwidth remaining percent 1
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Strm-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class class-default
bandwidth remaining percent 25
queue-buffers ratio 25
policy-map AutoQos-4.0-Trust-Cos-Input-Policy
class class-default
set cos cos table AutoQos-4.0-Trust-Cos-Table
policy-map system-cpp-policy
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
switchport access vlan 20
!
interface GigabitEthernet1/0/14
switchport access vlan 20
!
interface GigabitEthernet1/0/15
switchport access vlan 20
!
interface GigabitEthernet1/0/16
switchport access vlan 20
!
interface GigabitEthernet1/0/17
switchport access vlan 20
!
interface GigabitEthernet1/0/18
switchport access vlan 20
!
interface GigabitEthernet1/0/19
switchport access vlan 20
!
interface GigabitEthernet1/0/20
switchport access vlan 20
!
interface GigabitEthernet1/0/21
switchport access vlan 20
!
interface GigabitEthernet1/0/22
switchport access vlan 20
!
interface GigabitEthernet1/0/23
switchport access vlan 20
!
interface GigabitEthernet1/0/24
switchport access vlan 20
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
description Connected to WAN Router 1 IP 192.168.1.1
no switchport
ip address 192.168.1.2 255.255.255.0
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
description Connected to WAN Router 2 IP 192.168.2.1
no switchport
ip address 192.168.2.2 255.255.255.0
!
interface GigabitEthernet1/0/48
description Connected to WAN Router 3 IP 192.168.3.1
no switchport
ip address 192.168.3.2 255.255.255.0
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
!
interface Vlan30
ip address 192.168.30.1 255.255.255.0
!
ip forward-protocol nd
ip http server
ip http authentication aaa login-authentication default
ip http authentication aaa exec-authorization default
ip http secure-server
ip http secure-trustpoint TP-self-signed-1716188296
ip http timeout-policy idle 600 life 2000 requests 2000
ip http session-idle-timeout 1200
ip ftp source-interface Vlan1
ip ftp username john
ip ftp password password
ip ssh source-interface Vlan1
ip ssh version 2
!
control-plane
service-policy input system-cpp-policy
!
line con 0
exec-timeout 0 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password password
length 0
line vty 5 15
password password
!
wsma agent exec
profile httplistener
profile httpslistener
!
wsma agent config
profile httplistener
profile httpslistener
!
wsma agent filesys
profile httplistener
profile httpslistener
!
wsma agent notify
profile httplistener
profile httpslistener
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
!
end

C3650 on ports 45,47 and 48

All these port since ypu dont assign vlan it by defualt use vlan1 

So three routes connect via vlan1 (and I think vlan 20 and 30 is down since there is no l2 port assign to it)

The issue as I guess here ypu assign different Subnet in router for vlan1

This make connect failed.

So make all routers use same subnet or config different vlan (under l2 port) for each router.

MHM

Is there a way to upload your changed runninng config to the switch I copyied it and changed the passwords, If so How?

If not How do I make these changes

I may be getting closer what else do I need to do here

Tue Jan 30 2024 12:24:45 GMT-0500 (Eastern Standard Time)
===================================================================================
#show running-config
Building configuration...
Current configuration : 12729 bytes
!
! Last configuration change at 12:21:01 UTC Tue Jan 30 2024 by john
!
version 16.12
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service compress-config
service call-home
no platform punt-keepalive disable-kernel-core
platform management port rate-limt-enabled
!
hostname POE-Switch
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging console emergencies
enable secret 9 $14$BS94$A5XvvZilC4IizE$kDTcSSM3KDA9NW09sW7WAocfqhEcFahbWRguPruhX9Q
!
aaa new-model
aaa local authentication default authorization default
!
!
aaa authentication login default local
aaa authorization exec default local
aaa authorization network default local
!
!
!
!
!
!
aaa session-id common
boot system switch all flash:cat3k_caa-universalk9.16.12.10a.SPA.bin
clock timezone UTC -5 0
clock summer-time UTC recurring
switch 1 provision ws-c3650-48ps
!
!
!
!
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
no destination transport-method email
ip routing
!
!
!
!
!
!
!
!
no login on-success log
ipv6 unicast-routing
!
!
!
!
!
no device-tracking logging theft
!
table-map AutoQos-4.0-Trust-Cos-Table
default copy
!
!
crypto pki trustpoint TP-self-signed-1716188296
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1716188296
revocation-check none
rsakeypair TP-self-signed-1716188296
!
crypto pki trustpoint SLA-TrustPoint
enrollment pkcs12
revocation-check crl
!
!
crypto pki certificate chain TP-self-signed-1716188296
certificate self-signed 01
3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 31373136 31383832 3936301E 170D3234 30313131 31393433
33345A17 0D333030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D31 37313631
38383239 3630819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100A7E9 0CDD5EF9 9DBB3419 4AC2A3D0 4A75AF3A 1E6E20EB 75F67629 5524A40F
EA05AFA3 90FC6F00 221C2DAF 37209B18 BCFFA5A0 3B3D174D B8D3E633 A712CBDA
1CF91EAE C2C9FEF3 15882D06 33C9B22F 8999F934 615433C4 A0B0E4C8 6E659520
2B1F8B23 6662E72A 5E2B2ABA 65E17EE4 735A8292 9FDA2E23 5A909922 67C083F6
031B0203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603
551D2304 18301680 140726FA 38B330E9 74C0687E D046AE8A DB759FA9 DB301D06
03551D0E 04160414 0726FA38 B330E974 C0687ED0 46AE8ADB 759FA9DB 300D0609
2A864886 F70D0101 05050003 81810011 E57B5E5A 6D770CFA A95355E3 E1862D99
86F0B111 0D66B6F1 29ACC685 08431059 923B5A71 0ACF7A1B 2315D2CC 0C5F2F22
4592637E A3390F39 B7414E6D BE3703C0 51E4CD89 4BE90907 54922BEE AD13647A
B0D76085 874A56BB 4E7455A0 1CF2F2FD AE96D2A0 BF7B48A1 BB84ACAF BF7E7DE6
0DA917D7 63A52C88 1647FA75 39220C
quit
crypto pki certificate chain SLA-TrustPoint
certificate ca 01
30820321 30820209 A0030201 02020101 300D0609 2A864886 F70D0101 0B050030
32310E30 0C060355 040A1305 43697363 6F312030 1E060355 04031317 43697363
6F204C69 63656E73 696E6720 526F6F74 20434130 1E170D31 33303533 30313934
3834375A 170D3338 30353330 31393438 34375A30 32310E30 0C060355 040A1305
43697363 6F312030 1E060355 04031317 43697363 6F204C69 63656E73 696E6720
526F6F74 20434130 82012230 0D06092A 864886F7 0D010101 05000382 010F0030
82010A02 82010100 A6BCBD96 131E05F7 145EA72C 2CD686E6 17222EA1 F1EFF64D
CBB4C798 212AA147 C655D8D7 9471380D 8711441E 1AAF071A 9CAE6388 8A38E520
1C394D78 462EF239 C659F715 B98C0A59 5BBB5CBD 0CFEBEA3 700A8BF7 D8F256EE
4AA4E80D DB6FD1C9 60B1FD18 FFC69C96 6FA68957 A2617DE7 104FDC5F EA2956AC
7390A3EB 2B5436AD C847A2C5 DAB553EB 69A9A535 58E9F3E3 C0BD23CF 58BD7188
68E69491 20F320E7 948E71D7 AE3BCC84 F10684C7 4BC8E00F 539BA42B 42C68BB7
C7479096 B4CB2D62 EA2F505D C7B062A4 6811D95B E8250FC4 5D5D5FB8 8F27D191
C55F0D76 61F9A4CD 3D992327 A8BB03BD 4E6D7069 7CBADF8B DF5F4368 95135E44
DFC7C6CF 04DD7FD1 02030100 01A34230 40300E06 03551D0F 0101FF04 04030201
06300F06 03551D13 0101FF04 05300301 01FF301D 0603551D 0E041604 1449DC85
4B3D31E5 1B3E6A17 606AF333 3D3B4C73 E8300D06 092A8648 86F70D01 010B0500
03820101 00507F24 D3932A66 86025D9F E838AE5C 6D4DF6B0 49631C78 240DA905
604EDCDE FF4FED2B 77FC460E CD636FDB DD44681E 3A5673AB 9093D3B1 6C9E3D8B
D98987BF E40CBD9E 1AECA0C2 2189BB5C 8FA85686 CD98B646 5575B146 8DFC66A8
467A3DF4 4D565700 6ADF0F0D CF835015 3C04FF7C 21E878AC 11BA9CD2 55A9232C
7CA7B7E6 C1AF74F6 152E99B7 B1FCF9BB E973DE7F 5BDDEB86 C71E3B49 1765308B
5FB0DA06 B92AFE7F 494E8A9E 07B85737 F3A58BE1 1A48A229 C37C1E69 39F08678
80DDCD16 D6BACECA EEBC7CF9 8428787B 35202CDC 60E4616A B623CDBD 230E3AFB
418616A9 4093E049 4D10AB75 27E86F73 932E35B5 8862FDAE 0275156F 719BB2F0
D697DF7F 28
quit
!
!
license boot level ipbasek9
!
!
diagnostic bootup level minimal
!
spanning-tree mode pvst
spanning-tree extend system-id
memory free low-watermark processor 79468
!
username cisco privilege 15 password 0 ttttttttttt
username admin privilege 15 password 0 tttttttt
username john privilege 15 password 0 ttttttttttt
!
redundancy
mode sso
!
!
!
!
!
transceiver type all
monitoring
hw-switch switch 1 logging onboard message
!
vlan configuration 20,30
!
!
class-map match-any AutoQos-4.0-Output-Multimedia-Conf-Queue
match dscp af41 af42 af43
match cos 4
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any AutoQos-4.0-Output-Bulk-Data-Queue
match dscp af11 af12 af13
match cos 1
class-map match-any system-cpp-default
description EWLC control, EWLC data, Inter FED
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, High Rate App, Exception, EGR Exception, NFL SAMPLED DATA, RPF Failed
class-map match-any AutoQos-4.0-Output-Priority-Queue
match dscp cs4 cs5 ef
match cos 5
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any AutoQos-4.0-Output-Multimedia-Strm-Queue
match dscp af31 af32 af33
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any AutoQos-4.0-Output-Trans-Data-Queue
match dscp af21 af22 af23
match cos 2
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping
class-map match-any system-cpp-police-system-critical
description System Critical and Gold Pkt
class-map match-any AutoQos-4.0-Output-Scavenger-Queue
match dscp cs1
class-map match-any AutoQos-4.0-Output-Control-Mgmt-Queue
match dscp cs2 cs3 cs6 cs7
match cos 3
!
policy-map AutoQos-4.0-Output-Policy
class AutoQos-4.0-Output-Priority-Queue
priority level 1 percent 30
class AutoQos-4.0-Output-Control-Mgmt-Queue
bandwidth remaining percent 10
queue-limit dscp cs2 percent 80
queue-limit dscp cs3 percent 90
queue-limit dscp cs6 percent 100
queue-limit dscp cs7 percent 100
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Conf-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Trans-Data-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class AutoQos-4.0-Output-Bulk-Data-Queue
bandwidth remaining percent 4
queue-buffers ratio 10
class AutoQos-4.0-Output-Scavenger-Queue
bandwidth remaining percent 1
queue-buffers ratio 10
class AutoQos-4.0-Output-Multimedia-Strm-Queue
bandwidth remaining percent 10
queue-buffers ratio 10
class class-default
bandwidth remaining percent 25
queue-buffers ratio 25
policy-map AutoQos-4.0-Trust-Cos-Input-Policy
class class-default
set cos cos table AutoQos-4.0-Trust-Cos-Table
policy-map system-cpp-policy
policy-map port_child_policy
class non-client-nrt-class
bandwidth remaining ratio 10
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
no ip address
negotiation auto
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
switchport access vlan 30
!
interface GigabitEthernet1/0/27
switchport access vlan 20
!
interface GigabitEthernet1/0/28
switchport access vlan 30
!
interface GigabitEthernet1/0/29
switchport access vlan 20
!
interface GigabitEthernet1/0/30
switchport access vlan 30
!
interface GigabitEthernet1/0/31
switchport access vlan 20
!
interface GigabitEthernet1/0/32
switchport access vlan 30
!
interface GigabitEthernet1/0/33
switchport access vlan 20
!
interface GigabitEthernet1/0/34
switchport access vlan 30
!
interface GigabitEthernet1/0/35
description connected to 192.168.3.2 router
switchport trunk native vlan 20
!
interface GigabitEthernet1/0/36
description connected to 192.168.4.2 router
switchport trunk native vlan 30
!
interface GigabitEthernet1/0/37
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
description Connected to Wan Router 1 IP192.168.2.2
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
description 192.168.3.2
!
interface GigabitEthernet1/0/48
description 192.168.4.2
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface Vlan1
description Main
ip address 192.168.2.200 255.255.255.0
!
interface Vlan20
description VLAN20
ip address 192.168.3.20 255.255.255.0
!
interface Vlan30
description VLAN30
ip address 192.168.4.30 255.255.255.0
!
ip default-gateway 192.168.2.2
ip forward-protocol nd
ip http server
ip http authentication aaa login-authentication default
ip http authentication aaa exec-authorization default
ip http secure-server
ip http secure-trustpoint TP-self-signed-1716188296
ip http timeout-policy idle 600 life 2000 requests 2000
ip http session-idle-timeout 1200
ip ftp source-interface Vlan1
ip ftp username john
ip ftp password ttttttttt
ip ssh source-interface Vlan1
ip ssh version 2
!
!
!
!
!
!
!
control-plane
service-policy input system-cpp-policy
!
!
line con 0
exec-timeout 0 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password tttttttttt
length 0
line vty 5 15
password tttttttttttt
!
!
wsma agent exec
profile httplistener
profile httpslistener
!
wsma agent config
profile httplistener
profile httpslistener
!
wsma agent filesys
profile httplistener
profile httpslistener
!
wsma agent notify
profile httplistener
profile httpslistener
!
!
wsma profile listener httplistener
transport http
!
wsma profile listener httpslistener
transport https
!
end

I am guessing this is not going to work as I have 3 routers connected to the internet and they all have to have different LAN subnets and all there lans go into one 3650 I have exahusted everything I can do in SVI 

version 16.12
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service call-home
platform punt-keepalive disable-kernel-core
platform management port rate-limt-enabled
!
hostname Switch
!
!
vrf definition Mgmt-vrf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
logging console emergencies
enable secret 9 $9$oVqlz6ZLRXiOGE$mbQ5zDmIIKmwI6ycwTChIuSK.GG7Rdibq0ZHyVzajRo
enable password Time4Beer
!
aaa new-model
!
!
aaa authentication login default local
!
!
!
!
!
!
aaa session-id common
switch 1 provision ws-c3650-48ps
!
!
!
!
call-home
! If contact email address in call-home is configured as sch-smart-licensing@cisco.com
! the email address configured in Cisco Smart License Portal will be used as contact email address to send SCH notifications.
contact-email-addr sch-smart-licensing@cisco.com
profile "CiscoTAC-1"
active
destination transport-method http
no destination transport-method email
ip routing
!
!
!
!
!
!
!
!
login on-success log
!
!
!
!
!
no device-tracking logging theft
!
crypto pki trustpoint SLA-TrustPoint
enrollment pkcs12
revocation-check crl
!
crypto pki trustpoint TP-self-signed-1716188296
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-1716188296
revocation-check none
rsakeypair TP-self-signed-1716188296
!
!
crypto pki certificate chain SLA-TrustPoint
crypto pki certificate chain TP-self-signed-1716188296
!
!
license boot level ipbasek9
!
!
diagnostic bootup level minimal
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
memory free low-watermark processor 79468
!
username john privilege 15 password 0 Time4Beer
username admin privilege 15 secret 9 $9$3VAJ1lML2V2K3U$gILFllWlN2.vzcXw0k17gA9h5eCUidbZiNMx21v6xmA
username cisco privilege 15 secret 9 $9$2l2M3FUH2/6F2U$XirPDmx6.GgwHUCgKtvczBq5HWwowm.QDMC8uSr33Fo
!
redundancy
mode sso
!
!
!
!
!
transceiver type all
monitoring
!
!
class-map match-any system-cpp-police-topology-control
description Topology control
class-map match-any system-cpp-police-sw-forward
description Sw forwarding, L2 LVX data, LOGGING
class-map match-any system-cpp-default
description EWLC control, EWLC data, Inter FED
class-map match-any system-cpp-police-sys-data
description Learning cache ovfl, High Rate App, Exception, EGR Exception, NFL SAMPLED DATA, RPF Failed
class-map match-any system-cpp-police-punt-webauth
description Punt Webauth
class-map match-any system-cpp-police-l2lvx-control
description L2 LVX control packets
class-map match-any system-cpp-police-forus
description Forus Address resolution and Forus traffic
class-map match-any system-cpp-police-multicast-end-station
description MCAST END STATION
class-map match-any system-cpp-police-multicast
description Transit Traffic and MCAST Data
class-map match-any system-cpp-police-l2-control
description L2 control
class-map match-any system-cpp-police-dot1x-auth
description DOT1X Auth
class-map match-any system-cpp-police-data
description ICMP redirect, ICMP_GEN and BROADCAST
class-map match-any system-cpp-police-stackwise-virt-control
description Stackwise Virtual
class-map match-any non-client-nrt-class
class-map match-any system-cpp-police-routing-control
description Routing control and Low Latency
class-map match-any system-cpp-police-protocol-snooping
description Protocol snooping
class-map match-any system-cpp-police-dhcp-snooping
description DHCP snooping
class-map match-any system-cpp-police-system-critical
description System Critical and Gold Pkt
!
policy-map system-cpp-policy
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
vrf forwarding Mgmt-vrf
ip address 192.168.2.1 255.255.255.0
negotiation auto
!
interface GigabitEthernet1/0/1
!
interface GigabitEthernet1/0/2
!
interface GigabitEthernet1/0/3
!
interface GigabitEthernet1/0/4
!
interface GigabitEthernet1/0/5
!
interface GigabitEthernet1/0/6
!
interface GigabitEthernet1/0/7
!
interface GigabitEthernet1/0/8
!
interface GigabitEthernet1/0/9
!
interface GigabitEthernet1/0/10
!
interface GigabitEthernet1/0/11
!
interface GigabitEthernet1/0/12
!
interface GigabitEthernet1/0/13
!
interface GigabitEthernet1/0/14
!
interface GigabitEthernet1/0/15
!
interface GigabitEthernet1/0/16
!
interface GigabitEthernet1/0/17
!
interface GigabitEthernet1/0/18
!
interface GigabitEthernet1/0/19
!
interface GigabitEthernet1/0/20
!
interface GigabitEthernet1/0/21
!
interface GigabitEthernet1/0/22
!
interface GigabitEthernet1/0/23
!
interface GigabitEthernet1/0/24
!
interface GigabitEthernet1/0/25
!
interface GigabitEthernet1/0/26
!
interface GigabitEthernet1/0/27
!
interface GigabitEthernet1/0/28
!
interface GigabitEthernet1/0/29
!
interface GigabitEthernet1/0/30
!
interface GigabitEthernet1/0/31
!
interface GigabitEthernet1/0/32
!
interface GigabitEthernet1/0/33
!
interface GigabitEthernet1/0/34
!
interface GigabitEthernet1/0/35
!
interface GigabitEthernet1/0/36
!
interface GigabitEthernet1/0/37
!
interface GigabitEthernet1/0/38
!
interface GigabitEthernet1/0/39
!
interface GigabitEthernet1/0/40
!
interface GigabitEthernet1/0/41
!
interface GigabitEthernet1/0/42
!
interface GigabitEthernet1/0/43
switchport mode trunk
!
interface GigabitEthernet1/0/44
!
interface GigabitEthernet1/0/45
switchport mode trunk
!
interface GigabitEthernet1/0/46
!
interface GigabitEthernet1/0/47
switchport mode trunk
!
interface GigabitEthernet1/0/48
!
interface GigabitEthernet1/1/1
!
interface GigabitEthernet1/1/2
!
interface GigabitEthernet1/1/3
!
interface GigabitEthernet1/1/4
!
interface Vlan1
ip dhcp client client-id ascii FDO2131E1UZ
ip address 192.168.2.1 255.255.255.0
!
interface Vlan20
ip address 192.168.3.1 255.255.255.0
!
interface Vlan30
ip address 192.168.4.1 255.255.255.0
!
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http client source-interface Vlan1
!
!
!
!
!
!
!
control-plane
service-policy input system-cpp-policy
!
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
password Time4Beer
length 0
line vty 5 15
password Time4Beer
!
!
!
!
!
!
!
end