Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2190
Views
5
Helpful
6
Replies

Configure default route on SG-300 52-port - L3 mode

Go to solution
manuelbts
Level 1
Level 1

‎11-03-2015 10:01 PM - edited ‎03-08-2019 02:33 AM

Hi everybody,

I'm a web developer with (outdated) knowledge on cisco networking.

My company recently aquired a brand new cisco sg-300 52-port (SRW2048-K9-NA) and we want to use it as a layer 3 switch to wire-up our small office at MX.

With my little knowledge on networking, I managed to setup the switch to this state:

* Basic security
* Layer 3 mode
* VLAN 1 with network address 10.0.1.0/24 (native)

* VLAN 2 with network address 10.0.2.0/24 (developers)

* VLAN 3 with network address 10.0.3.0/24 (corporate)

* DHCP enabled

* DHCP pools for each VLAN

As you may have notice, I want my IPs to be easily remembered by anybody and to identify VLANs with their last network octet form management proposes.

Everything works very well so far, when I plug my computer to any node it takes the corresponding ip addres for that VLAN, but the issue is that I cannot figure out how to route those clients to internet and my client OS says 'No access to Internet' or 'Limited connection'.

Our ISP gave us 12 public IPs and I want to take one of those and assign it as our default gateway (or route) to internet, I can't find a way to do it (and the sg-300's web interface isn't helpful at all).

Could you please help point me in the right direction on how to define a default static route?

Let's assume that my ISP gave me the IP 187.215.133.160 - 255.255.240.0

Thank you so much!

Manuel.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
milan.kulik
Level 10
Level 10
In response to manuelbts

‎11-04-2015 10:51 AM

Hi,

as I said already:

You would need the ISP to reconfigure their router.

Without them cooperating, you could try to configure your L3 switch to get an IP address via DHCP from the ISP router. Then you woul dbe able to connect to the Internet from the switch probably. But NOT from the PCs connected behind your switch!

Regards,

Milan

View solution in original post

6 Replies 6

Go to solution
milan.kulik
Level 10
Level 10

‎11-03-2015 10:54 PM

Hi,

I'm afraid this switch does not provide any NAT features necessary to connect to the Internet if your ISP is giving you public addresses only.

You would need some router or FW (preferred) to configure NATing of your private IP addresses to public ones and also to protect your site against possible Internet sourced attacks.

Or am I missing something and there is a router/FW already in place and you need just to configure a deafult route pointing to its LAN interface (and modify NAT configuration on it possibly)?

Best regards,

Milan

0 Helpful

Go to solution
manuelbts
Level 1
Level 1
In response to milan.kulik

‎11-03-2015 11:04 PM

Hi Milan,

You are correct, I forgot to mention that the ISP installed a router along with the switch, I personally plugged my laptop on one of the router's ports and was able to access Internet so I think it has a DHCP on its side.

The thing is that I tried to configure a default route ( 0.0.0.0 0.0.0.0 x.x.x.x) being x.x.x.x the public IP the ISP gave us but it didn't make it. I wonder if what I'm doing wrong.

I connected the switch from port 52 (Gigabit) to one of the router's ports and assigned x.x.x.x ip to that port, then I created the route on the switch's 'IPv4 Routes' section but no luck.

Thanks.

0 Helpful

Go to solution
milan.kulik
Level 10
Level 10
In response to manuelbts

‎11-03-2015 11:26 PM

Hi,

you would need to connect your switch to the ISP router LAN port.

And to use some private subnet between your L3 switch and that router.

Then you could configure the router's LAN port IP as the defaut route next-hop on your L3 switch.

And the ISP would need to reconfigure his router to use the agreed LAN subnet, to add static routes for your other subnets behind your L3 switch and to modify NAT rules on his router.

What I 'd recommend though would be putting a FW between the ISP router and your company network to secure the connection.

I guess you should ask some consulting company (or your ISP possibly?) to explain you how to make the connection working and secured?

Best regards,

Milan

.

0 Helpful

Go to solution
manuelbts
Level 1
Level 1
In response to milan.kulik

‎11-04-2015 08:43 AM

Thanks for the suggestion,

ISP help is not an option, that's why I came here looking for some light :)

I know that the ISP Router is leasing IPs by DHCP, so when I connect the Switch I just need to assign a NAT address just like 10.0.0.1, the problem is when I try to create the route like this:

0.0.0.0 0.0.0.0 10.0.0.1

Switch says I cannot define a default gateway pointing to an internally defined IP (10.0.0.1), honestly, I can't figure out how to do it.

0 Helpful

Go to solution
milan.kulik
Level 10
Level 10
In response to manuelbts

‎11-04-2015 10:51 AM

Hi,

as I said already:

You would need the ISP to reconfigure their router.

Without them cooperating, you could try to configure your L3 switch to get an IP address via DHCP from the ISP router. Then you woul dbe able to connect to the Internet from the switch probably. But NOT from the PCs connected behind your switch!

Regards,

Milan

Go to solution
manuelbts
Level 1
Level 1
In response to milan.kulik

‎11-04-2015 02:45 PM

Thank you so much Milan for taking the time and sharing your knowledge, I will contact my ISP and have them configure their router.

Kind Regards!

Manuel.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card