JeremieBelpois
Beginner

Cisco Nexus L3 Routing

Hi, I am new to Cisco Nexus devices. I am trying to configure a default route:
I want my server (192.168.10.5, VLAN 500) to be able to access the default gateway (192.168.1.1) at pfSense.

My switch is Cisco N3K-3064PQ

e1/1 connected to pfsense as routed port

e1/5 connected to my server as switch mode access

Here is my configuration:

ip route 0.0.0.0/0 192.168.1.1
vlan 1,500

vrf context management
ip route 0.0.0.0/0 192.168.1.1
no port-channel load-balance resilient

no hardware profile ecmp resilient


interface Vlan1
no shutdown
no ip redirects

interface Vlan500
no shutdown
no ip redirects
ip address 192.168.10.1/24

interface Ethernet1/1
no switchport
no ip redirects
ip address 192.168.1.2/24

interface Ethernet1/2

interface Ethernet1/3

interface Ethernet1/4

interface Ethernet1/5
switchport access vlan 500
spanning-tree port type edge

I can ping from my switch as well, but from the server side I can't. What should I do?

1 ACCEPTED SOLUTION

Jon Marshall
VIP Community Legend

 

In addition to what the others have said, is there a route on the pfSense for the 192.168.10.0/24 subnet with a next hop IP of 192.168.1.2?

 

Jon

 

 


6 REPLIES
Sergiu.Daniluk
VIP Advocate

Hi @JeremieBelpois 

I would first like to let you know that there is a section dedicated to Nexus switches in the Data Center Technology area, called "Data Center Switches": https://community.cisco.com/t5/data-center/ct-p/4436-data-center

 

Regarding your problem, here are a couple of questions:

1. From your PC, are you able to ping the gateway (the SVI 500 configured on the N3k)? If you are not able to ping the gateway, then verify the following 

   1.1  verify that the gateway is configured correctly on the server

   1.2  vlan 500 is configured on the N3K and STP is in forwarding

2. From your Nexus switch, if you ping the pfsense using source as SVI500, does it work?

 

ping 192.168.1.1 source 192.168.10.1

 

If it is not working, verify that the route back to the source is configured on the pfSense. If it is configured, do a tcpdump and confirm that ICMP requests are received and replies are being generated.

 

Let me know of the results.

 

Stay safe,

Sergiu

 

 

Hi, from my PC, I can ping the gateway (that's the SVI of VLAN 500) as well, but I cannot ping from the switch with source IP 192.168.10.1.

paul driver
VIP Mentor

Hello
By default some FWs deny ICMP; Windows hosts also have software FWs enabled by default. So make sure you allow an exception for ICMP or temporarily disable the software FW on the Windows host/server, if applicable.



kind regards
Paul


Thanks, but I have allowed ICMP for both the Linux host and the firewall.

Thanks, my bad, that's because I forgot the route from my pfSense to that subnet.
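
The symptom in this thread (the switch reaches pfSense from its own 192.168.1.2 address, but traffic sourced from 192.168.10.0/24 gets no reply) follows from longest-prefix matching on the return path. The Python sketch below is an added example, not code from any poster in the thread; the Nexus routes come from the posted configuration, while the pfSense routing table and its 203.0.113.1 WAN gateway are constructed assumptions.

```python
import ipaddress

def next_hop(table, dst):
    """Longest-prefix match: returns the next hop, 'connected', or None."""
    dst = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(prefix), hop) for prefix, hop in table
               if dst in ipaddress.ip_network(prefix)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

# Nexus routes, taken from the configuration posted in the question.
NEXUS = [("192.168.10.0/24", "connected"),   # interface Vlan500
         ("192.168.1.0/24", "connected"),    # interface Ethernet1/1
         ("0.0.0.0/0", "192.168.1.1")]       # ip route 0.0.0.0/0 192.168.1.1
NEXUS_ADDRS = {"192.168.1.2", "192.168.10.1"}

# pfSense table is constructed for illustration: the LAN subnet is from the
# thread, the default route to 203.0.113.1 (WAN) is an assumption.
PFSENSE_BEFORE = [("192.168.1.0/24", "connected"),
                  ("0.0.0.0/0", "203.0.113.1")]
# Same table plus the static route asked about in the accepted solution.
PFSENSE_AFTER = PFSENSE_BEFORE + [("192.168.10.0/24", "192.168.1.2")]

def reply_returns(pfsense_table, src, nexus_ip="192.168.1.2"):
    """True if pfSense's echo reply to `src` finds its way back to `src`."""
    hop = next_hop(pfsense_table, src)
    if hop == "connected":      # source sits on pfSense's own subnet
        return True
    if hop != nexus_ip:         # reply is sent to some other gateway
        return False
    # Reply reached the Nexus: it must own the address or be attached to it.
    return src in NEXUS_ADDRS or next_hop(NEXUS, src) == "connected"

if __name__ == "__main__":
    for label, table in (("before", PFSENSE_BEFORE), ("after", PFSENSE_AFTER)):
        for src in ("192.168.1.2", "192.168.10.1", "192.168.10.5"):
            print(label, src, "reply hop:", next_hop(table, src),
                  "returns:", reply_returns(table, src))
```

The forward path works in every case because 192.168.1.1 is directly connected to the Nexus; only the reply direction changes once pfSense has the 192.168.10.0/24 route.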