Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1294
Views
0
Helpful
10
Replies

Default gateway issue

kcross
Level 1
Level 1

‎11-30-2022 07:49 AM

Running into an issue with placing a layer two switch into production and could use some assistance. So in our environment we have a firewall that handles all of the DCHP and routing to the internet, our switch just acts as a layer 2 device (Catalyst 9300). For some reason when placing the switch into our environment I am unable to reach the default gateway which is the interface on the firewall. I know it is something small I am missing but I can't quite put my finger on it. The default gateway is currently set to 10.10.1.1 (which is the v1 interface on the the firewall. I will post a text file of our config, any suggestions would be greatly appreciated! 

Labels:
Preview file
14 KB
0 Helpful
10 Replies 10

kcross
Level 1
Level 1

‎11-30-2022 07:50 AM

In the config you will see a SVI for vlan 5 that is set to 10.20.1.10 but that was for our test network. Also, the firewall is plugged into gig ethernet 1/0/1

0 Helpful

Giuseppe Larosa
Hall of Fame
Hall of Fame
In response to kcross

‎11-30-2022 08:01 AM

Hello @kcross ,

the following command

>> ip default-gateway 10.10.1.1

applies to device that have ip routing disabled.

IF your cat9300 has ip routing enabled you need to use a static default route like

ip route 0.0.0.0 0.0.0.0 10.10.1.1

or you need to enter

no ip routing

Assuming that 10.10.1.1 is the FW IP address and that you can ping it from the switch

Hope to help

Giuseppe

 

0 Helpful

kcross
Level 1
Level 1
In response to Giuseppe Larosa

‎11-30-2022 08:05 AM

The issue is I am unable to ping the firewall at 10.10.1.1 when I should be able to 

 

0 Helpful

ammahend
VIP
VIP
In response to kcross

‎11-30-2022 08:12 AM

can you share firewall config (at least the interfaces)

-hope this helps-
0 Helpful

MHM Cisco World
VIP
VIP
In response to kcross

‎11-30-2022 08:23 AM - edited ‎11-30-2022 08:56 AM 

interface GigabitEthernet1/0/21
 switchport trunk native vlan 3
 switchport trunk allowed vlan 3,6
 switchport mode trunk

native VLAN 3 ??? why you change the native vlan ?
why vlan 1 not allow ??

0 Helpful

kcross
Level 1
Level 1
In response to MHM Cisco World

‎11-30-2022 08:46 AM

Need to remove this, all vlan traffic should be tagged

0 Helpful

MHM Cisco World
VIP
VIP
In response to kcross

‎11-30-2022 08:49 AM

sorry I dont get? can you more elaborate ?

0 Helpful

kcross
Level 1
Level 1
In response to MHM Cisco World

‎11-30-2022 10:17 AM

The native vlan 3 should not be there, that portion I will need to remove

 

0 Helpful

MHM Cisco World
VIP
VIP
In response to kcross

‎11-30-2022 10:59 AM

when you check the VLAN allow in trunk do you see VLAN 1 ??
I see in your config only VLAN3 and 5 there is no VLAN1?

for native vlan 3, I see trunk native vlan1 and other trunk native vlan3, 
this sure issue for SW and forwarding frame that receive it untag. 

0 Helpful

kcross
Level 1
Level 1

‎11-30-2022 08:23 AM

kcross_0-1669825383854.png

here are the interfaces on the firewall

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card