08-08-2010 12:54 AM - edited 03-06-2019 12:22 PM
Hello All,
I have a question regarding connecting a 3560 switch I have to a Linksys WRT54G router. Since the 3560 doesn't have NAT, what I would like to do is use the Linksys as my NAT router and then have a different subnet on my 3560 to separate it from the wireless traffic. I'm currently a little stumped. What I have done is:
1) Created a 192.168.2.0 subnet on the 3560 by assigning an IP to VLAN 1 of 192.168.2.10
2) The subnet on my Linksys is 192.168.1.0
3) Added the 192.168.2.0 subnet to the routing table in the Linksys router with the gateway of 192.168.1.2
4) Entered no switchport command on fa 0/3 on the 3560
5) Assigned fa 0/3 the IP address 192.168.1.2
6) Entered the IP route ex. 68.34.25.0 (ISP IP address) 255.255.255.0 192.168.1.1 (gateway of Linksys router)
I am able to ping all PCs connected to both subnets, so all traffic between the subnets seems to communicate fine. I cannot reach the internet from the 192.168.2.0 subnet, however. I can ping the ip address that is assigned to my Linksys router ex. 68.34.25.20 from my 3560, but I'm still not getting internet traffic. When I look at the routing table of my Linksys, there is an entry for the gateway 68.34.25.21, but I cannot ping that from my 3560. Is there a way I can add an IP route directly to that address? Any other thoughts? Perhaps the steps I have taken so far aren't the best way to do this as is. Thanks for any help.
Solved! Go to Solution.
08-08-2010 07:53 PM
Hello,
Please try the following setup:
LAN hosts (192.168.2.2 - 2.126/24) -- VLAN 1 (192.168.2.1/25) ---
FastEthernet 0/3 (192.168.2.129/25) --- Linksys (192.168.2.254/24)
So, essentially, from Linksys perspective, it is one single subnet (both LAN
and Wireless clients will be on 192.168.2.x) where as the 3560 sees them on
two different subnets i.e. 192.168.2.0/25 and 192.168.2.128/25.
Steps to follow:
-- On Linksys, remove 192.168.1.x subnet completely.
-- On Linksys, configure 192.168.2.x subnet for router IP, DHCP (for
Wireless)
-- On Switch, configure the Router IP as the default route (If the Router IP
on Linksys is 192.168.2.254, then "ip route 0.0.0.0 0.0.0.0 192.168.2.254"
-- Make sure that all the LAN clients have IP within 192.168.2.2 - 2.126
range and their default gateway is 192.168.2.1
If this is still not working, please post a screenshot of the Linksys
configuration page.
Regards,
NT
08-08-2010 12:59 AM
Hello,
Can you add default route on the 3560 and also turn on "ip routing"?
Switch(config)#ip routing
Switch(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.1
Hope this helps.
Regards,
NT
08-08-2010 09:47 AM
Thanks for the response. Unfortunately, that did not work. Here is my running config:
sh running-config
Building configuration...
Current configuration : 2271 bytes
!
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname KC
!
enable secret 5 $1$VOzH$1Lh/3duKSu8jQAN6MshrU/
!
no aaa new-model
ip subnet-zero
ip routing
!
!
!
!
no file verify auto
--More-- spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
!
interface FastEthernet0/2
!
interface FastEthernet0/3
no switchport
ip address 192.168.1.14 255.255.255.0
!
interface FastEthernet0/4
!
interface FastEthernet0/5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
--More-- interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
--More-- !
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface FastEthernet0/25
!
interface FastEthernet0/26
!
interface FastEthernet0/27
!
interface FastEthernet0/28
!
interface FastEthernet0/29
!
interface FastEthernet0/30
!
interface FastEthernet0/31
!
--More-- interface FastEthernet0/32
!
interface FastEthernet0/33
!
interface FastEthernet0/34
!
interface FastEthernet0/35
!
interface FastEthernet0/36
!
interface FastEthernet0/37
!
interface FastEthernet0/38
!
interface FastEthernet0/39
!
interface FastEthernet0/40
!
interface FastEthernet0/41
!
interface FastEthernet0/42
!
interface FastEthernet0/43
--More-- !
interface FastEthernet0/44
!
interface FastEthernet0/45
!
interface FastEthernet0/46
!
interface FastEthernet0/47
!
interface FastEthernet0/48
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface GigabitEthernet0/3
!
interface GigabitEthernet0/4
!
interface Vlan1
ip address 192.168.2.10 255.255.255.0
!
interface Vlan20
--More-- no ip address
!
ip classless
ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip http server
!
!
control-plane
!
!
line con 0
line vty 0 4
password
no login
line vty 5 15
password no login
end
KC#
Here is the routing table on the Linksys. The IP address on the router is 68.94.164.39.
Routing Table Entry List | ||||
Destination LAN IP | Subnet Mask | Gateway | Hop Count | Interface |
---|---|---|---|---|
192.168.2.0 | 255.255.255.0 | 192.168.1.14 | 0 | LAN & Wireless |
192.168.1.0 | 255.255.255.0 | 0.0.0.0 | 0 | LAN & Wireless |
68.94.164.0 | 255.255.255.0 | 0.0.0.0 | 0 | WAN (Internet) |
0.0.0.0 | 0.0.0.0 | 68.94.164.40 | 0 | WAN (Internet) |
Any other thoughts? Thanks.
08-08-2010 10:24 AM
Hello,
The issue seems to be with Linksys not able to NAT your internal subnet. If
possible, let us try the following (Assuming that you do not have more than
128 clients in your internal LAN and wireless networks individually):
On the switch:
ip classless
interface vlan 1
ip address 192.168.2.1 255.255.255.128
exit
interface fastethernet 0/3
ip address 192.168.2.129 255.255.255.128
ip proxy-arp
exit
no ip route 0.0.0.0 0.0.0.0 192.168.1.1
ip route 0.0.0.0 0.0.0.0 192.168.2.254
On the Linksys:
Change the inside subnet to 192.168.2.0 with inside IP of 192.168.2.254.
Change the dhcp scope of the Linksys to 192.168.2.128/25 (starting address
of 192.168.2.129 and the last address being 192.168.2.253).
This should fix the issue.
Regards,
NT
08-08-2010 11:00 AM
Thanks for your reply. Upon trying to enter the commands:
interface vlan 1
ip address 192.168.2.1 255.255.255.128
exit
interface fastethernet 0/3
ip address 192.168.2.129 255.255.255.128
ip proxy-arp
exit
I receive the message "192.168.2.0 overlaps with Vlan1" when trying to assign the ip address to fa 0/3
Also, when I change the subnet in the Linksys routing table to 192.168.2.0 with a gateway of 192.168.2.254 after changing the gateway of last resort on the 3560, it doesn't accept it in the routing table. But perhaps that has to do with not being able to set fa 0/3.
Thanks for your help
08-08-2010 11:07 AM
Hello,
Can you please post the output of "show ip interface brief | exc unas" and
"show run interface vlan 1" commands from the switch?
Regards,
NT
08-08-2010 11:33 AM
I made a typo as it turns out and as you said I was able to assign what you suggested regarding vlan 1 and fa 0/3. I still cannot make an entry in the Linksys routing table for 192.168.2.0 with a gateway 192.168.2.254. Thanks.
KC#sh ip int brief | exc unas
Interface IP-Address OK? Method Status Protocol
Vlan1 192.168.2.1 YES manual up up
FastEthernet0/3 192.168.2.129 YES manual up up
KC#sh run int vlan 1
Building configuration...
Current configuration : 63 bytes
!
interface Vlan1
ip address 192.168.2.1 255.255.255.128
end
08-08-2010 11:42 AM
Andrew
Within the configuration web page(s) on the linsys is there anywhere you can configure NAT and if so what does it allow you to do ?
Jon
08-08-2010 11:55 AM
Hi Jon,
It doesn't look like there really are any choices for NAT configuration. I'm starting to think that perhaps NAT is limited to the local subnet and that is the issue. Thanks for your reply
08-08-2010 01:59 PM
Hello,
Are you using the Linksys device for Wireless? If you are, then when you
change the IP on the Linksys, the wireless clients will automatically get
new IP addresses in 192.168.2.128/25 range.
Hope this helps.
Regards,
NT
08-08-2010 11:44 AM
Hello,
You do not need to make any other change on the Linksys. Just change the IP address (Router IP) to 192.168.2.254 with a mask of 255.255.255.0. As shown in the picture, just change the Router IP and also change the DHCP range (192.168.2.129 should be the starting IP with number of users being 125). You do not need any route statement in the Linksys. It already knows the 192.168.2.0 subnet as being part of its internal subnet.
Hope this helps.
Regards,
NT
08-08-2010 11:52 AM
Thanks a lot for your help. If I change the router information and DHCP info to 192.168.2.0 subnet won't I then lose my current subnet of 192.168.1.0 that I'm using for wireless? I think perhaps my Linksys may be the problem. Perhaps it isn't capable of NATing for any subnet other than it's local subnet? It is a consumer grade router.
08-08-2010 03:22 PM
Is the internet from linksys only , or you have another connection ? if yes go down
3560:
remove all configuration
ip routing
interface vlan 1
ip address 192.168.1.1 255.255.255.0
interface vlan 2
ip address 192.168.2.1 255.255.255.0
ip route 0.0.0.0 0.0.0.0 192.168.1.(Linksys IP)
default gateway for all users is 3560 vlans IP
,,,,,,,,
Linksys:
Just route 192.168.2.0 255.255.255.0 (3560 IP address VLAN1)
08-08-2010 07:33 PM
Thanks for your reply. I did what you suggested, but unfortunately am in the same situation as before. Both subnets can communicate with each other fine, but I cannot reach the internet from the 192.168.2.0 subnet. You didn't mention how I should go about connecting the Linksys to the the 3560. I currently have the 3560 connected to the router and on the 3560 the port is in switchport access mode and connected to a port in vlan 1. Any other thoughts? Thanks for your help.
08-08-2010 07:53 PM
Hello,
Please try the following setup:
LAN hosts (192.168.2.2 - 2.126/24) -- VLAN 1 (192.168.2.1/25) ---
FastEthernet 0/3 (192.168.2.129/25) --- Linksys (192.168.2.254/24)
So, essentially, from Linksys perspective, it is one single subnet (both LAN
and Wireless clients will be on 192.168.2.x) where as the 3560 sees them on
two different subnets i.e. 192.168.2.0/25 and 192.168.2.128/25.
Steps to follow:
-- On Linksys, remove 192.168.1.x subnet completely.
-- On Linksys, configure 192.168.2.x subnet for router IP, DHCP (for
Wireless)
-- On Switch, configure the Router IP as the default route (If the Router IP
on Linksys is 192.168.2.254, then "ip route 0.0.0.0 0.0.0.0 192.168.2.254"
-- Make sure that all the LAN clients have IP within 192.168.2.2 - 2.126
range and their default gateway is 192.168.2.1
If this is still not working, please post a screenshot of the Linksys
configuration page.
Regards,
NT
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide