Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
558
Views
0
Helpful
7
Replies

Cannot ping between vlan's

khhhhhhhh957
Level 1
Level 1

‎12-08-2016 02:14 AM - edited ‎03-08-2019 08:29 AM

Hi,

After applying the PBR in my network, I can not ping between the different vlan's (5,20,200). The fact of having applied the PBR, is that i have 2 ISP with 2 different networks.

Can I not ping between the VLANs because acl or rights or is it because i have 2 ISP with 2 different networks ?

Have you an idea ?

Thank you and good day !

Labels:
Preview file
6 KB
0 Helpful
7 Replies 7

GRANT3779
Spotlight
Spotlight

‎12-08-2016 02:37 AM

I assume you could ping between vlans without the PBR?

From looking at your DATA ACL first of all, you are essentially matching ALL IP traffic. I think this will be processed before looking at directly connected routes. Are you only supposed to be sending internet bound traffic or did you intend to send all IP traffic?

For the Voice -

route-map PBR permit 20
match ip address VOIP
set ip next-hop 192.168.1.1    - Where exactly is this next hop?

0 Helpful

khhhhhhhh957
Level 1
Level 1
In response to GRANT3779

‎12-08-2016 03:08 AM

Hi, yes i can ping between vlan's without PBR. 

I would like to make sure that a VLAN 20 goes through the ISP2 and all the other VLANs by the ISP1.

The 192.168.1.1 is the ip of interface of internet modem.

0 Helpful

GRANT3779
Spotlight
Spotlight
In response to khhhhhhhh957

‎12-08-2016 03:14 AM

If you are talking about internet bound traffic only for DATA you could amend your ACL

e.g 

ip access-list extended DATA
permit tcp 192.168.0.0 0.0.0.255 any eq 80 443

This will PBR the Internet bound traffic and everything else should follow routing table.

0 Helpful

khhhhhhhh957
Level 1
Level 1
In response to GRANT3779

‎12-08-2016 03:27 AM

With this command, i can ping between vlan's but i have not internet access with hosts from vlan 5 (192.168.0.X)

0 Helpful

GRANT3779
Spotlight
Spotlight
In response to khhhhhhhh957

‎12-08-2016 03:35 AM

I see you have DNS Servers listed as part of the DHCP Scopes. I do not see any default route though on the config you supplied.

How do your clients know how to route to the DNS server for example?

0 Helpful

khhhhhhhh957
Level 1
Level 1
In response to GRANT3779

‎12-08-2016 03:38 AM

I had a default route but I deleted it. I thought that with the PBR it would no longer be used ...

0 Helpful

GRANT3779
Spotlight
Spotlight
In response to khhhhhhhh957

‎12-08-2016 03:50 AM

The PBR will be used.

This is checked at ingress on the Interface you apply it to. Anything matching your ACL will use the PBR.

Everything else will route as if there was no PBR.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card