01-24-2014 12:22 PM - edited 03-07-2019 05:46 PM
Hello, I have a 2621xm Router and a 2950 (24 port) Fa switch. I am having trouble getting outside to the WAN using the switch, when I run a ping test while connected to the console cable on the router, it works fine. DHCP works fine for the Vlans and I can ping other Vlans on the switch. I am also able to ping the router through the switch, when connected to the console port on the switch I can't ping anything. Also, the router does get assigned an ip address through my cable modem. Any advice would be much appreciated. This is just a home lab but has been a learning experience!
Below are the running-config files:
Router:
Fa0/0: ip address dhcp
WAN-outside
Fa0/1: ip 10.0.1.1 /24
LAN-inside
Switch: 2950
SW1#show running-config
Building configuration...
Current configuration : 3065 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname SW1
!
enable secret 5 $1$yyjN$h/QH2MA5hvzzC4wvc/fk41
!
ip subnet-zero
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
!
!
!
interface FastEthernet0/1
switchport access vlan 5
switchport trunk allowed vlan 5,10,20,30
switchport mode access
!
interface FastEthernet0/2
switchport access vlan 5
switchport trunk allowed vlan 5,10,20,30
switchport mode access
!
interface FastEthernet0/3
switchport access vlan 5
switchport trunk allowed vlan 5,10,20,30
switchport mode access
!
interface FastEthernet0/4
switchport access vlan 5
switchport trunk allowed vlan 5,10,20,30
switchport mode access
!
interface FastEthernet0/5
switchport access vlan 10
switchport mode access
!
interface FastEthernet0/6
switchport access vlan 20
!
interface FastEthernet0/7
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/8
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/9
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/10
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/11
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/12
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/13
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/14
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/15
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/16
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/17
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/18
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/19
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/20
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/21
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/22
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/23
switchport access vlan 30
switchport mode access
!
interface FastEthernet0/24
description Router1 Trunk
switchport access vlan 30
switchport mode trunk
!
interface Vlan1
ip address 10.1.1.100 255.255.255.0
no ip route-cache
shutdown
!
interface Vlan5
ip address 10.10.5.1 255.255.255.0
no ip route-cache
!
ip default-gateway 10.0.1.1
ip http server
!
line con 0
exec-timeout 30 0
password 7 045F191302321816
logging synchronous
login
line vty 0 4
login
line vty 5 15
login
!
!
end
Router: 2621xm
Router#show running-config
Building configuration...
Current configuration : 2073 bytes
!
version 12.2
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname Router
!
logging queue-limit 100
enable secret 5 $1$dGwu$hIqLAqFg1Gf88prFOtlLu/
!
ip subnet-zero
!
!
!
ip dhcp pool LOCAL
network 10.1.5.0 255.255.255.0
dns-server 209.18.47.61 209.18.47.62
default-router 10.1.5.1
!
ip dhcp pool WMEE
network 10.1.10.0 255.255.255.0
dns-server 209.18.47.61 209.18.47.62
default-router 10.1.10.1
!
ip dhcp pool SAY2
network 10.1.30.0 255.255.255.0
dns-server 209.18.47.61 209.18.47.62
default-router 10.1.30.1
!
ip dhcp pool WITW
network 10.1.20.0 255.255.255.0
dns-server 209.18.47.61 209.18.47.62
default-router 10.1.20.1
!
mpls ldp logging neighbor-changes
!
!
!
!
!
!
!
!
!
no voice hpi capture buffer
no voice hpi capture destination
!
!
mta receive maximum-recipients 0
!
!
!
!
interface FastEthernet0/0
description WAN
ip address dhcp
ip nat outside
duplex auto
speed auto
no cdp enable
!
interface Serial0/0
no ip address
shutdown
!
interface FastEthernet0/1
description LAN
ip address 10.0.1.1 255.255.255.0
ip nat inside
duplex auto
speed 100
no cdp enable
!
interface FastEthernet0/1.5
encapsulation dot1Q 5
ip address 10.1.5.1 255.255.255.0
!
interface FastEthernet0/1.10
encapsulation dot1Q 10
ip address 10.1.10.1 255.255.255.0
!
interface FastEthernet0/1.20
encapsulation dot1Q 20
ip address 10.1.20.1 255.255.255.0
!
interface FastEthernet0/1.30
encapsulation dot1Q 30
ip address 10.1.30.1 255.255.255.0
!
interface BRI1/0
no ip address
shutdown
!
interface BRI1/1
no ip address
shutdown
!
interface BRI1/2
no ip address
shutdown
!
interface BRI1/3
no ip address
shutdown
!
ip nat inside source list 1 interface FastEthernet0/0 overload
no ip http server
ip classless
!
!
!
access-list 1 permit 10.0.0.0 0.0.0.255
!
!
call rsvp-sync
!
!
mgcp profile default
!
!
!
dial-peer cor custom
!
!
!
!
line con 0
exec-timeout 30 0
password 7 0117141156185257
logging synchronous
login
line aux 0
line vty 0 4
login
!
!
end
Solved! Go to Solution.
01-25-2014 06:43 PM
The default gateway on the switch needs to be 10.1.5.1 . Make the 2950 vtp transparent so you can see what vlans are created int e config itself. Verify all vlans on the 2950 are created using show vlan. Get rid of the address on vlan 1 just so it is not confusing even though it's shutdown . Maybe this might help. Check your acl beleive the way you have it , it will only match anything in the 10.0.0.0 range not any of your 10.1 addresses. Try putting your inside nat statements on your subinterfaces for each subnet. Add statements to your acl to include all your subnets not just 10.0.0.0 .
http://www.cisco.com/en/US/partner/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml
01-24-2014 06:23 PM
So far I have:
I think so far I've narrowed it down to the NAT having issues.
01-25-2014 06:43 PM
The default gateway on the switch needs to be 10.1.5.1 . Make the 2950 vtp transparent so you can see what vlans are created int e config itself. Verify all vlans on the 2950 are created using show vlan. Get rid of the address on vlan 1 just so it is not confusing even though it's shutdown . Maybe this might help. Check your acl beleive the way you have it , it will only match anything in the 10.0.0.0 range not any of your 10.1 addresses. Try putting your inside nat statements on your subinterfaces for each subnet. Add statements to your acl to include all your subnets not just 10.0.0.0 .
http://www.cisco.com/en/US/partner/tech/tk648/tk361/technologies_tech_note09186a0080094e77.shtml
01-26-2014 11:30 AM
Glen, everything is up and running smooth after following your tips. Here's what I did:
Router:
Switch:
Thank you again for your help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide