I have 3 Vlans - Native, 20, 30. I have one host on 20 and 30 and they can talk to each other, but they both can't access the internet. Consoled from the switch I can ping the router, both Vlans, and websites. I am using the first ethernet port to connect to another switch (trunked) which is connected to a firewall (10.2.255.2).
no service pad
service sequence-numbers
!
no aaa new-model
ip subnet-zero
ip routing
no ip domain-lookup
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface GigabitEthernet1/0/1
switchport trunk encapsulation dot1q
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
mls qos trust cos
macro description cisco-switch
auto qos voip trust
spanning-tree link-type point-to-point
!
interface GigabitEthernet1/0/2
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/3
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/4
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/5
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/6
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/7
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/8
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/9
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/10
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/11
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/12
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/13
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/14
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/15
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/16
switchport access vlan 20
switchport mode access
!
interface GigabitEthernet1/0/17
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/18
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/19
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/20
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/21
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/22
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/23
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/24
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/25
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/26
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/27
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/28
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/29
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/30
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/31
switchport access vlan 30
switchport mode access
!
interface GigabitEthernet1/0/32
switchport access vlan 30
switchport mode access
!
interface Vlan1
ip address 10.2.255.203 255.255.255.0
!
interface Vlan20
ip address 192.168.20.1 255.255.255.0
!
interface Vlan30
ip address 192.168.30.1 255.255.255.0
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.2.255.2
ip http server
ip http secure-server
!
control-plane
!
Any help would be greatly appreciated. Thanks.
