Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
14518
Views
7
Helpful
20
Replies

Enable Internet on other VLAN

Go to solution
VCsupport17
Level 3
Level 3

‎01-25-2017 02:53 AM - edited ‎03-08-2019 09:03 AM

Hello Community,

We have this network diagram below.

We have existing VLAN 1 - 192.168.1.X /24 and works fine. All workstation can connect to internet. I have added new VLAN 40 on SG500 switch but not getting internet connection. 

Here is my config on the SG500 switch:

For VLAN:

switchd3d0b3#sh vlan

Vlan Name Ports Type Authorization
---- ----------------- --------------------------- ------------ -------------
1 1 gi1/1/1-48,te1/1/1-4, Default Required
gi2/1/1-48,te2/1/1-4,
gi3/1/1-48,te3/1/1-4,
gi4/1/1-48,te4/1/1-4,
gi5/1/1-48,te5/1/1-4,
gi6/1/1-48,te6/1/1-4,
gi7/1/1-48,te7/1/1-4,
gi8/1/1-48,te8/1/1-4,Po1-32
40 40 gi2/1/24,gi3/1/48 static Required


switchd3d0b3#sh ip int vlan 1

IP Address Type Directed Precedence Status
Broadcast
------------------- ----------- ---------- ---------- -----------
192.168.1.250/24 Static disable No Valid

switchd3d0b3#sh ip int vlan 40


IP Address Type Directed Precedence Status
Broadcast
------------------- ----------- ---------- ---------- -----------
10.2.11.1/24 Static disable No Valid

From the SG500 switch i can ping the interface VLAN 1 and 40:


switchd3d0b3#ping 10.2.11.1
Pinging 10.2.11.1 with 18 bytes of data:

18 bytes from 10.2.11.1: icmp_seq=1. time=0 ms
18 bytes from 10.2.11.1: icmp_seq=2. time=0 ms
18 bytes from 10.2.11.1: icmp_seq=3. time=0 ms
18 bytes from 10.2.11.1: icmp_seq=4. time=0 ms


switchd3d0b3#ping 192.168.1.1
Pinging 192.168.1.1 with 18 bytes of data:

18 bytes from 192.168.1.1: icmp_seq=1. time=0 ms
18 bytes from 192.168.1.1: icmp_seq=2. time=0 ms
18 bytes from 192.168.1.1: icmp_seq=3. time=0 ms
18 bytes from 192.168.1.1: icmp_seq=4. time=0 ms

From SG500 switch can ping the IP address of the PC on VLAN 1 - 192.168.1.165

switchd3d0b3#ping 192.168.1.165
Pinging 192.168.1.165 with 18 bytes of data:

18 bytes from 192.168.1.165: icmp_seq=1. time=0 ms
18 bytes from 192.168.1.165: icmp_seq=2. time=0 ms
18 bytes from 192.168.1.165: icmp_seq=3. time=0 ms
18 bytes from 192.168.1.165: icmp_seq=4. time=0 ms

But cannot ping the IP address of the PC on VLAN 40 - 10.2.11.20

switchd3d0b3#ping 10.2.11.20
Pinging 10.2.11.20 with 18 bytes of data:

PING: no reply from 10.2.11.20
PING: timeout
PING: no reply from 10.2.11.20
PING: timeout
PING: no reply from 10.2.11.20
PING: timeout
PING: no reply from 10.2.11.20
PING: timeout

No internet access on PC on VLAN 40.

I assigned IP static address on the PC:

IP- 10.2.11.20

Subnet - 255.255.255.0

GW - 10.2.11.1

DNS IP address is same as on VLAN 1 workstations that have internet.

IP routing is enabled on the SG500 switch. What need to be checked?

Thank you.

Labels:
0 Helpful
20 Replies 20

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to VCsupport17

‎01-26-2017 06:39 AM

The router is correct I don't see any issue with that config and we were able to rule it out by connecting direct to it and setting an access port to the vlan and then breaking out to the internet as it has its own switch module in built , the problem is on the actual switch side , your trunk is correct on the router side to

maybe try set the port as general like this doc see if it works

http://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=07e54124d9be46b48d6f008a306da82d_Creating_Access_Ports_on_Cisco_Managed_Switches.xml&pid=2&converted=0

0 Helpful

Go to solution
VCsupport17
Level 3
Level 3
In response to Mark Malone

‎01-26-2017 07:26 AM

Hi Mark,

I configured the port as what on the document you provided but same issue i cannot obtain IP address (169.X.X.X).

But if the port was set to trunk and I have internet but my IP is on VLAN1.

0 Helpful

Go to solution
Mark Malone
VIP Alumni
VIP Alumni
In response to VCsupport17

‎01-27-2017 12:34 AM

is the dhcp auto configuration enabled under the administration- file management tab

0 Helpful

Go to solution
VCsupport17
Level 3
Level 3
In response to Mark Malone

‎01-30-2017 10:18 AM

Hi Mark,

My issue have been resolved.

Solution:

1. Configure port gi2/1/24 on SG500 switch as access port and not trunk

2. Set gi2/1/24 as untagged member on VLAN 40

3. On the uplink port of the SG500 switch facing SG200 switch, configure as trunk and tagged VLAN40 and untagged VLAN1.

Thank you for your help.

0 Helpful

Go to solution
anoop verma
Level 1
Level 1

‎01-25-2017 03:04 AM

where is the gateway configured?

check encapsulation is gateway is on router?

0 Helpful

Go to solution
paul driver
VIP
VIP

‎01-25-2017 04:00 AM

Hello

Looking at your topology - Now you have extended to multiple subnets, The rtrs lan interface will need to have addressing for vlan1 and vlan 40, As mark suggest via sub-interfaces wtih nat enabled on both of them.

Also the SG200 switch would required a trunked interfaces into the rtr and between the other switch to carry both vlans.

Lastly you need to propagate the L2 vlans to both switches for the access ports to be assigned

res
Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card