Solved: Re: Cisco 2960 x Routing VLANs to Internet

Nqabeni · ‎08-15-2018

Good day All,

I have a cisco 2960 X with two vlans, vlan 1 and vlan 2 users from different department connected on separate vlans. I have an ADSL router on port 23.

Problem: I can't seem to route my users to the internet.

Any suggestions on best practice configs would be helpful

This my current setup:

interface Vlan1
ip address 192.168.1.251 255.255.255.0
ip helper-address 192.168.1.1

interface Vlan2
ip address 192.168.2.1 255.255.255.0
ip helper-address 192.168.1.1

sh ip default-gateway
192.168.1.251 --vlan 1

sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

192.168.1.0/16 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Vlan1
L 192.168.1.251/32 is directly connected, Vlan1

192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.2.0/24 is directly connected, Vlan2
L 192.168.2.1/32 is directly connected, Vlan2

show sdm prefer
The current template is "lanbase-routing" template.
The selected template optimizes the resources in
the switch to support this level of features for
0 routed interfaces and 255 VLANs.

number of unicast mac addresses: 4K
number of IPv4 IGMP groups + multicast routes: 0.375k
number of IPv4 unicast routes: 0.875k
number of directly-connected IPv4 hosts: 0.875k
number of indirect IPv4 routes: 80
number of IPv6 multicast groups: 0.25K
number of IPv6 unicast routes: 0.875k
number of directly-connected IPv6 addresses: 0.75K
number of indirect IPv6 unicast routes: 32
number of IPv4 policy based routing aces: 0
number of IPv4/MAC qos aces: 0.375k
number of IPv4/MAC security aces: 0.375k
number of IPv6 policy based routing aces: 0
number of IPv6 qos aces: 0.125k
number of IPv6 security aces: 0.25K

Problem is I can't seem to coonect both vlan to internet access, IP Route doesn't work.

Any thoughts, I believe I amiss by inch.

Nqabeni · ‎08-15-2018

Managed to resolve this. Thank you all for taking time to review my question.

View solution in original post

Nqabeni · ‎08-15-2018

Managed to resolve this. Thank you all for taking time to review my question.

selvakumar.vec · ‎08-15-2018

Hi Nqabeni,

Could you please let us know how you resolved this. So that we can get the resolution.

Thanks,

Selva

selvakumar.vec · ‎08-15-2018

Hi Nqabeni,

Could you please let us know how you resolved this. So that we can get the resolution and help others too.

Thanks,

Selva

Nqabeni · ‎08-16-2018

Hi Selvakumar,

I set configs as follows:

ip default gateway 192.168.1.1 [vlan 1]

ip route 0.0.0.0 0.0.0.0.0 10.81.0.1 [router ip]

But I am stilling struggling to to avail vlan 2 to internet access, I will update once I have resolved this.

Georg Pauwen · ‎08-16-2018

Hello,

post the full config of the switch. You most likely have to do double NAT to get your clients in Vlan 2 to acccess the Internet...

Nqabeni · ‎08-16-2018

Thank you for your response and insight George.

I have attached the full config of the switch.

Georg Pauwen · ‎08-16-2018

Hello,

where is IP address 10.81.0.1 configured ? On the ADSL router ?

ip route 0.0.0.0 0.0.0.0 10.81.0.1

Nqabeni · ‎08-16-2018

Hi George, 10.81.0.1 is defined on the ADSL router. I can ping it successfully from the switch.

Georg Pauwen · ‎08-16-2018

Hello,

can you find out what the internal IP address space is that the ADSL router uses ? I would think it is 192.168.1.0/24...can you confirm that ?

Nqabeni · ‎08-16-2018

Hi Georg, we changed the router from 192.168.1.0/24 to 10.81.0.x. when it was installed.

So 10.81.0.1 is the router's internal IP address. The router's external IP to ISP is 168.x.x x

Georg Pauwen · ‎08-16-2018

Hello,

I am a bit reluctant to reconfigure your switch since I don't know exactly what the ADSL router config looks like, you have apparently changed the defaults. What brand/model is the router ? The easiest would be to add 192.168.2.0/24 on the ADSL router to the networks that need to be NATted. Can you check if that is possible ?