Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1515
Views
5
Helpful
1
Replies

Can't ping across VLANs (SG350)

CSCO10174474
Level 1
Level 1

‎04-04-2021 04:05 AM

Hi All,

 

This has been driving me crazy for days, so I hope someone can help.

 

I have a SG350 (latest firmware: dated March 2021) with three VLANs defined, each with an IP assigned to the VLAN Interface:

  • VLAN 10 (192.168.10.2/24)
  • VLAN 20 (192.168.20.1/24)
  • VLAN 30 (192.168.30.1/24).

IPv4 Routing is turned On.

 

There are no ACLs in place.

 

The default gateway for VLAN 10 is a (NetComm) gateway router on 192.168.10.1, which has a static route defined as:

Destination IP/MaskGatewayInterface
192.168.0.0/16192.168.10.2br0

 

The Forwarding Table on the SG350 has: 

Destination IP PrefixPrefix LengthRoute TypeNext Hop Router IP AddressRoute OwnerMetricAdministrative DistanceOutgoing Interface
0.0.0.00Remote192.168.10.1Static41VLAN 10
192.168.10.024Local192.168.10.2Directly Connected  VLAN 10
192.168.20.024Local192.168.20.1Directly Connected  VLAN 20
192.168.30.024Local192.168.30.1Directly Connected  VLAN 30

 

I have two hosts on each VLAN: (192.168.x.11 & 192.168.x.12)

 

I have confirmed the following:

  • Host .10.11 can ping Host .10.12
  • Host .10.11 can ping SVI .10.2
  • Host .10.11 can ping Gateway .10.1
  • Host .10.12 can ping .10.11
  • Host .10.12 can ping SVI .10.2
  • Host .10.12 can ping Gateway .10.1
  • SVI .10.2 can ping Hosts .10.11 & .10.12
  • SVI .10.2 can ping Gateway .10.1
  • Gateway .10.1 can ping Hosts .10.11 & .10.12
  • Gateway .10.1 can ping SVI .10.2

 

  • Host .20.11 can ping .20.12
  • Host .20.11 can ping SVI .20.1
  • Host .20.12 can ping .20.11
  • Host .20.12 can ping SVI .20.1
  • SVI .20.1 can ping Hosts .20.11 & .20.12

 

  • Host .30.11 can ping .30.12
  • Host .30.11 can ping SVI .30.1
  • Host .30.12 can ping .30.11
  • Host .30.12 can ping SVI .30.1
  • SVI .30.1 can ping Hosts .30.11 & .30.12

Or, in other words, all intra-VLAN pings work as expected. Also:

  • SVI .20.1 can ping all Hosts, all SVIs, and the Gateway .10.1
  • SVI .30.1 can ping all Hosts, all SVIs, and the Gateway .10.1
  • All Host on VLAN 20 & 30 can ping all Hosts on VLAN 20 & 30
  • VLAN 10 has full Internet Access

However:

  • Hosts on VLAN 20 & 30 *cannot* ping anything on VLAN 10
  • Hosts on VLAN 10, SVI .10.2, and Gateway .10.1 *cannot ping* Hosts on VLAN 20 & 30.
  • VLAN 20 & 30 do not have Internet Access

Thus, I suspect I have some sort of "routing conflict" between the SG350 and the NetComm Gateway. Can someone (anyone!) please point this conflict out to me, because I'm buggered if I can find it (buggered = Australian slang for tired, broken, an annoying thing - take your pick).

 

Or, if my troubleshooting assumption is wrong, could someone please let me know what is the issue, and how to fix it.

 

Thanks in advance

 

Dulux-Oz

Labels:
1 Reply 1

balaji.bandi
Hall of Fame
Hall of Fame

‎04-04-2021 05:10 PM

where is the Layer 3 SVI for these VLAN they are configured in SG ? (as per the information it is configured on SG, just want to confirm)

 

did you enable Layer 3 routing?

 

https://www.youtube.com/watch?v=xK5HmMlaIlg

 

make sure IPv4 Routing enabled :

 

https://www.youtube.com/watch?v=NLMKwYSlQDY

 

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card