Re: Help - EIGRP Vlan virtual IP routing

woolymammoth256 · ‎01-04-2026

Hi, I have been trying to get a virtual IP address (Vlan 13 Gateway) to route out the internet.

Everything is working fine from Sw1 and 2 as far as connectivity to the internet is concerned.

SW3 gets DHCP addresses assigned fine and can ping everything on the inside of the nat but not outside.

from what I understand the Virtual IP can not be routed via the eigrp network commend directly.

How would this be achieved?

Switch:

spanning-tree mode rapid-pvst
spanning-tree extend system-id
errdisable recovery cause bpduguard
errdisable recovery cause loopback
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
 no ip address
 no ip route-cache
 shutdown
!
interface GigabitEthernet0/1
 description TS_NBN_RTR1 Gi0/0
 no switchport
 ip address 192.168.3.2 255.255.255.252
!
interface GigabitEthernet0/2
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/3
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
.
.
.
interface GigabitEthernet0/48
 switchport access vlan 2
 switchport mode access
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface GigabitEthernet1/3
 description TS_NBN_SW3
!
interface GigabitEthernet1/4
 description TS_NBN_SW4
 switchport trunk allowed vlan 2,13,30
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface TenGigabitEthernet1/1
 description TS_NBN_SW2 TE1/1
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface TenGigabitEthernet1/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 ip address 192.168.2.2 255.255.255.0
 ip helper-address 172.16.1.1
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip helper-address 172.16.1.1
!
interface Vlan13
 ip address 192.168.13.254 255.255.255.0
 ip helper-address 176.16.1.1
 standby 13 ip 192.168.13.1
 standby 13 preempt
!
!
router eigrp 1
 network 192.168.3.2 0.0.0.0
 network 192.168.10.1 0.0.0.0
 network 192.168.13.0
 eigrp router-id 172.16.1.2
 eigrp stub connected
!
ip forward-protocol nd
!
ip http server
ip http secure-server
ip ssh version 2
!
!

Router:

ip source-route
!
!
ip cef
no ip dhcp conflict logging
!
ip dhcp pool Vlan2-16DHCP
   import all
   network 192.168.2.0 255.255.255.0
   network 192.168.10.0 255.255.255.0 secondary
     override default-router 192.168.10.1
   network 192.168.11.0 255.255.255.0 secondary
     override default-router 192.168.11.1
   network 192.168.13.0 255.255.255.0 secondary
     override default-router 192.168.13.1
   default-router 192.168.2.2
!
!
no ipv6 cef
!
multilink bundle-name authenticated
!
.
.
.
interface Loopback100
 ip address 172.16.1.1 255.255.255.255
!
interface GigabitEthernet0/0
 description TS_NBN_SW1 Gi0/1
 ip address 192.168.3.1 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 5
 duplex auto
 speed auto
 no mop enabled
!
interface GigabitEthernet0/1
 description TS_NBN_SW2 Gi0/1
 ip address 192.168.3.5 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 5
 duplex auto
 speed auto
!
interface FastEthernet0/1/0
 description NBN Internet (DHCP)
 ip dhcp client client-id ascii ts_nbn_router_1
 ip dhcp client class-id ascii
 ip dhcp client hostname TS_NBN_ROUTER1
 ip dhcp client lease 2 0 0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Serial0/3/0
 no ip address
 shutdown
 clock rate 2000000
!
router eigrp 1
 network 192.168.3.1 0.0.0.0
 network 192.168.3.5 0.0.0.0
 no auto-summary
 eigrp router-id 172.16.1.1
 eigrp stub summary
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1/0 dhcp
ip http server
no ip http secure-server
!
!
ip nat inside source list 100 interface FastEthernet0/1/0 overload
!
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
access-list 100 permit ip 192.168.10.0 0.0.0.255 any
access-list 100 permit ip 192.168.11.0 0.0.0.255 any
access-list 100 permit ip 192.168.13.0 0.0.0.255 any
!
!
!

David Ruess · ‎01-04-2026

Hello,

You should be able to route for your STANDBY IP network as its jut another interface with a subnet. The EIGRP network commands look ok. Can you try removing EIGRP STUB from all devices?

-David

M02@rt37 · ‎01-04-2026

Hello @woolymammoth256

SW1 and SW2 both advertise 192.168.13.0/24 into EIGRP. So, the routeur may install the route via SW1 or SW2, independent of which switch is HSRP active for vlan13... If SW1 is HSRP active but the router sends return trafic to SW2, SW2 drop it (it’s not the active gateway).

->SW3’s traffic hairpins across the trunk, making it much more sensitive to wrong return path selection !!

So, use hsrp + eigrp + tracking + TE

--

On SW1 and 2 add this track:

track 1 interface GigabitEthernet0/1 line-protocol

And add this on SVI13 on both SW too:

interface Vlan13
standby 13 track 1 decrement 50

Now, configure eigrp in the way to prefer SW1 advertisement. As an example, add delay command on interface Gi0/1 on SW1 and SW2:

SW1 (your hsrp active gateway) > delay 100

Sw2 (your hsrp backup gateway) > delay 10000

-- Now, when everything is OK (lan/wan) return traffic should go to SW1, the active hsrp Gw.

If int G0/1 on SW1 is down, track1 should do the necessary to elect SW2 as your new active Gw. Return traffic from R1 will go to SW2 since SW1 not advertise anything.

Best regards
.ı|ı.ı|ı. If This Helps, Please Rate .ı|ı.ı|ı.

paul driver · ‎01-05-2026

Hello

@woolymammoth256 wrote:

SW3 gets DHCP addresses assigned fine and can ping everything on the inside of the nat but not outside.

Can you elaborate - Do you mean a host attach to switch Sw3 cannot reach the internet?
Sw3 should not have ip routing enabled , all inter-vlan routing should be performed by Sw1-2, any switch(s) below those core switch need to run just a L2

by the way on the rtr, disable source routing
no ip source route

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Cristian Matei · ‎01-05-2026

Hi,

My wild guess is that you have three layers of devices running EIGRP stub, which means the top and bottom layer do not learn about each other prefixes, thus end-to-end routing is broken. However, let's not work on suppositions, rather see the facts.

Please post the complete configuration of all three switches as well as of the router. Additionally, post the output of following commands from all devices (switches and routers):

show eigrp address-family ipv4  interfaces 
show eigrp address-family ipv4 neighbors detail 
show eigrp address-family ipv4 topology detail-links
show ip route eigrp 
show ip route connected
show ip route static

Additionally, post the output of following commands only from all switches:

show standby brief
show interfaces trunk
show vlan brief
show ip interface brief | exclude unas

From which device, with which source, you're trying to ping which destination?

Thanks,

Cristian.

woolymammoth256 · ‎01-05-2026

Hi, @David Ruess I removed the the Stub entries and no change.

M02@rt37 I havent tried your idea yet as I currently dont have SW2 setup for Vlan 13, I am testing the connections as I am setting up. I will try turning it into a non HSRP setup and test to make sure it's not something else wierd.

@paul driver Yes I did mean when a host is connected to the switch it is given a DHCP address, The host can ping everything on the inside of the NAT including 172.16.1.1 but not 192.168.15.32 (DHCP lease of R1 fa0/1/0), 192.168.15.1 (ISP router gateway) or anything on the internet.

@Cristian Matei here are the out puts and configs.

router

TS_NBN_RTR1#sh ip route eigrp
D    192.168.13.0/24 [90/3072] via 192.168.3.2, 16:46:17, GigabitEthernet0/0
D    192.168.10.0/24 [90/3072] via 192.168.3.2, 16:32:13, GigabitEthernet0/0
D    192.168.11.0/24 [90/3072] via 192.168.3.6, 16:29:01, GigabitEthernet0/1
D*   0.0.0.0/0 is a summary, 2d21h, Null0
TS_NBN_RTR1#

TS_NBN_RTR1#sh ip route connected
C    192.168.15.0/24 is directly connected, FastEthernet0/1/0
     172.16.0.0/32 is subnetted, 1 subnets
C       172.16.1.1 is directly connected, Loopback100
     192.168.3.0/30 is subnetted, 2 subnets
C       192.168.3.0 is directly connected, GigabitEthernet0/0
C       192.168.3.4 is directly connected, GigabitEthernet0/1
TS_NBN_RTR1#

TS_NBN_RTR1#sh ip route static

TS_NBN_RTR1#

TS_NBN_RTR1#sh run
Building configuration...


Current configuration : 2522 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname TS_NBN_RTR1
!
boot-start-marker
boot system flash:c2800nm-adventerprisek9-mz.124-20.T5.bin
boot-end-marker
!
logging message-counter syslog
no aaa new-model
!
dot11 syslog
no ip source-route
!
!
ip cef
no ip dhcp conflict logging
!
ip dhcp pool Vlan2-16DHCP
   import all
   network 192.168.2.0 255.255.255.0
   network 192.168.10.0 255.255.255.0 secondary
     override default-router 192.168.10.1
   network 192.168.11.0 255.255.255.0 secondary
     override default-router 192.168.11.1
   network 192.168.13.0 255.255.255.0 secondary
     override default-router 192.168.13.1
   default-router 192.168.2.2
!
!
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
voice-card 0
 no dspfarm
!
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
!
!
!
!
!
interface Loopback100
 ip address 172.16.1.1 255.255.255.255
!
interface GigabitEthernet0/0
 description TS_NBN_SW1 Gi0/1
 ip address 192.168.3.1 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 5
 duplex auto
 speed auto
 no mop enabled
!
interface GigabitEthernet0/1
 description TS_NBN_SW2 Gi0/1
 ip address 192.168.3.5 255.255.255.252
 ip nat inside
 ip virtual-reassembly
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 5
 duplex auto
 speed auto
!
interface FastEthernet0/1/0
 description NBN Internet (DHCP)
 ip dhcp client client-id ascii ts_nbn_router_1
 ip dhcp client class-id ascii
 ip dhcp client hostname TS_NBN_ROUTER1
 ip dhcp client lease 2 0 0
 ip address dhcp
 ip nat outside
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Serial0/3/0
 no ip address
 shutdown
 clock rate 2000000
!
router eigrp 1
 network 192.168.3.1 0.0.0.0
 network 192.168.3.5 0.0.0.0
 no auto-summary
 eigrp router-id 172.16.1.1
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 FastEthernet0/1/0 dhcp
ip http server
no ip http secure-server
!
!
ip nat inside source list 100 interface FastEthernet0/1/0 overload
!
access-list 100 permit ip 192.168.2.0 0.0.0.255 any
access-list 100 permit ip 192.168.10.0 0.0.0.255 any
access-list 100 permit ip 192.168.11.0 0.0.0.255 any
access-list 100 permit ip 192.168.13.0 0.0.0.255 any
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
line aux 0
line vty 0 4

Switch 1
TS_NBN_SW1#sh eigrp address-family ipv4 int
EIGRP-IPv4 Interfaces for AS(1)
                              Xmit Queue   PeerQ        Mean   Pacing Time   Multicast    Pending
Interface              Peers  Un/Reliable  Un/Reliable  SRTT   Un/Reliable   Flow Timer   Routes
Gi0/1                    1        0/0       0/0         648       0/0         3240           0
Vl10                     0        0/0       0/0           0       0/0            0           0
Vl13                     0        0/0       0/0           0       0/0            0           0
TS_NBN_SW1#

TS_NBN_SW1#sh eigrp address-family ipv4 int
EIGRP-IPv4 Interfaces for AS(1)
                              Xmit Queue   PeerQ        Mean   Pacing Time   Multicast    Pending
Interface              Peers  Un/Reliable  Un/Reliable  SRTT   Un/Reliable   Flow Timer   Routes
Gi0/1                    1        0/0       0/0         648       0/0         3240           0
Vl10                     0        0/0       0/0           0       0/0            0           0
Vl13                     0        0/0       0/0           0       0/0            0           0
TS_NBN_SW1#sh eigrp address-family ipv4 nei
TS_NBN_SW1#sh eigrp address-family ipv4 neighbors detail
EIGRP-IPv4 Neighbors for AS(1)
H   Address                 Interface              Hold Uptime   SRTT   RTO  Q  Seq
                                                   (sec)         (ms)       Cnt Num
0   192.168.3.1             Gi0/1                    12 16:50:03  648  3888  0  128
   Version 12.4/1.2, Retrans: 0, Retries: 0, Prefixes: 1
   Topology-ids from peer - 0
   Topologies advertised to peer:   base

Max Nbrs: 0, Current Nbrs: 0
TS_NBN_SW1#sh eigrp address-family ipv4 top
TS_NBN_SW1#sh eigrp address-family ipv4 topology detail
TS_NBN_SW1#sh eigrp address-family ipv4 topology detail-links
EIGRP-IPv4 Topology Table for AS(1)/ID(172.16.1.2)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status

P 192.168.3.0/30, 1 successors, FD is 2816, serno 1
        via Connected, GigabitEthernet0/1
P 192.168.10.0/24, 1 successors, FD is 2816, serno 6
        via Connected, Vlan10
P 192.168.13.0/24, 1 successors, FD is 2816, serno 3
        via Connected, Vlan13
P 0.0.0.0/0, 1 successors, FD is 3072, serno 2
        via 192.168.3.1 (3072/2816), GigabitEthernet0/1

TS_NBN_SW1#sh ip route ei
TS_NBN_SW1#sh ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 192.168.3.1 to network 0.0.0.0

D*    0.0.0.0/0 [90/3072] via 192.168.3.1, 16:50:26, GigabitEthernet0/1
TS_NBN_SW1#sh ip route conn
TS_NBN_SW1#sh ip route connected
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 192.168.3.1 to network 0.0.0.0

      192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.2.0/24 is directly connected, Vlan2
L        192.168.2.2/32 is directly connected, Vlan2
      192.168.3.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.3.0/30 is directly connected, GigabitEthernet0/1
L        192.168.3.2/32 is directly connected, GigabitEthernet0/1
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/24 is directly connected, Vlan10
L        192.168.10.1/32 is directly connected, Vlan10
      192.168.13.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.13.0/24 is directly connected, Vlan13
L        192.168.13.254/32 is directly connected, Vlan13
TS_NBN_SW1#sh ip route static
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is 192.168.3.1 to network 0.0.0.0

TS_NBN_SW1#


TS_NBN_SW1#sh standby brief
                     P indicates configured to preempt.
                     |
Interface   Grp  Pri P State   Active          Standby         Virtual IP
Vl13        13   100 P Active  local           unknown         192.168.13.1
TS_NBN_SW1#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi1/4       on               802.1q         trunking      1
Te1/1       on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/4       2,13,30
Te1/1       1-4094

Port        Vlans allowed and active in management domain
Gi1/4       2,13,30
Te1/1       1-2,10,13,30

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/4       2,13,30
Te1/1       1-2,10,13,30
TS_NBN_SW1#sh vlan br

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Gi0/37, Gi0/38, Gi0/39, Gi0/40
                                                Gi0/41, Gi0/42, Gi0/43, Gi0/44
                                                Gi0/45, Gi0/46, Gi0/47, Gi1/1
                                                Gi1/2, Gi1/3, Te1/2
2    Management                       active    Gi0/48
10   USER                             active    Gi0/2, Gi0/3, Gi0/4, Gi0/5
                                                Gi0/6, Gi0/7, Gi0/8, Gi0/9
                                                Gi0/10, Gi0/11, Gi0/12, Gi0/13
                                                Gi0/14, Gi0/15, Gi0/16, Gi0/17
                                                Gi0/18, Gi0/19, Gi0/20, Gi0/21
                                                Gi0/22, Gi0/23, Gi0/24
13   SW4 USER VLAN                    active
30   ISO                              active    Gi0/25, Gi0/26, Gi0/27, Gi0/28
                                                Gi0/29, Gi0/30, Gi0/31, Gi0/32
                                                Gi0/33, Gi0/34, Gi0/35, Gi0/36
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
TS_NBN_SW1#sh ip int br | ex
TS_NBN_SW1#sh ip int br | exclude unas
Interface              IP-Address      OK? Method Status                Protocol
Vlan2                  192.168.2.2     YES NVRAM  up                    up
Vlan10                 192.168.10.1    YES NVRAM  up                    up
Vlan13                 192.168.13.254  YES NVRAM  up                    up
GigabitEthernet0/1     192.168.3.2     YES NVRAM  up                    up

TS_NBN_SW1#

TS_NBN_SW1#sh run
Building configuration...

Current configuration : 9129 bytes
!
! Last configuration change at 00:01:47 UTC Mon Jan 2 2006
!
version 15.2
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname TS_NBN_SW1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
system mtu routing 1500
!
!
!
!
ip routing
!
!
!
ip domain-name TSNBN.LOCAL
!
!
!
!
!
!
!
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
errdisable recovery cause bpduguard
errdisable recovery cause loopback
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0
 no ip address
 no ip route-cache
 shutdown
!
interface GigabitEthernet0/1
 description TS_NBN_RTR1 Gi0/0
 no switchport
 ip address 192.168.3.2 255.255.255.252
!
interface GigabitEthernet0/2
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/3
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/4
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/5
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/6
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/7
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/8
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/9
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/10
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/11
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/12
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/13
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/14
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/15
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/16
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/17
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/18
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/19
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/20
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/21
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/22
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/23
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/24
 switchport access vlan 10
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/25
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/26
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/27
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/28
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/29
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/30
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/31
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/32
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/33
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/34
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/35
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/36
 switchport access vlan 30
 switchport mode access
 spanning-tree portfast edge
 spanning-tree bpduguard enable
!
interface GigabitEthernet0/37
!
interface GigabitEthernet0/38
!
interface GigabitEthernet0/39
!
interface GigabitEthernet0/40
!
interface GigabitEthernet0/41
!
interface GigabitEthernet0/42
!
interface GigabitEthernet0/43
!
interface GigabitEthernet0/44
!
interface GigabitEthernet0/45
!
interface GigabitEthernet0/46
!
interface GigabitEthernet0/47
!
interface GigabitEthernet0/48
 switchport access vlan 2
 switchport mode access
!
interface GigabitEthernet1/1
!
interface GigabitEthernet1/2
!
interface GigabitEthernet1/3
 description TS_NBN_SW3
!
interface GigabitEthernet1/4
 description TS_NBN_SW4
 switchport trunk allowed vlan 2,13,30
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface TenGigabitEthernet1/1
 description TS_NBN_SW2 TE1/1
 switchport access vlan 2
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface TenGigabitEthernet1/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 ip address 192.168.2.2 255.255.255.0
 ip helper-address 172.16.1.1
!
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip helper-address 172.16.1.1
!
interface Vlan13
 ip address 192.168.13.254 255.255.255.0
 ip helper-address 176.16.1.1
 standby 13 ip 192.168.13.1
 standby 13 preempt
!
!
router eigrp 1
 network 192.168.3.2 0.0.0.0
 network 192.168.10.1 0.0.0.0
 network 192.168.13.0
 eigrp router-id 172.16.1.2
 eigrp stub connected
!
ip forward-protocol nd
!
!
ip http server
ip http secure-server
ip ssh version 2
!
!
!
!
!
line con 0
line vty 0 4

Switch 4
TS_NBN_SW4#sh eigrp address-family ipv4 int
TS_NBN_SW4#


TS_NBN_SW4#sh eigrp address-family ipv4 topology detail-links
TS_NBN_SW4#sh ip route ei
TS_NBN_SW4#sh ip route eigrp
Default gateway is not set

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty
TS_NBN_SW4#sh ip route conn
TS_NBN_SW4#sh ip route connected
Default gateway is not set

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty
TS_NBN_SW4#
TS_NBN_SW4#sh ip route static
Default gateway is not set

Host               Gateway           Last Use    Total Uses  Interface
ICMP redirect cache is empty
TS_NBN_SW4#


TS_NBN_SW4#sh standby br
TS_NBN_SW4#sh int trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi0/1       on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi0/1       2,13,30

Port        Vlans allowed and active in management domain
Gi0/1       2,13,30

Port        Vlans in spanning tree forwarding state and not pruned
Gi0/1       2,13,30
TS_NBN_SW4#sh vlan br

VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/12, Gi0/2
2    Management                       active
13   USER                             active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10, Fa0/11
30   ISO                              active
1002 fddi-default                     act/unsup
1003 token-ring-default               act/unsup
1004 fddinet-default                  act/unsup
1005 trnet-default                    act/unsup
TS_NBN_SW4#sh ip int br | ex
TS_NBN_SW4#sh ip int br | exclude unas
Interface              IP-Address      OK? Method Status                Protocol
Vlan13                 192.168.13.4    YES manual up                    up

TS_NBN_SW4#

TS_NBN_SW4#sh run
Building configuration...

Current configuration : 2409 bytes
!
! Last configuration change at 03:29:12 UTC Sat Apr 2 2011
! NVRAM config last updated at 03:29:22 UTC Sat Apr 2 2011
!
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname TS_NBN_SW4
!
boot-start-marker
boot-end-marker
!
no aaa new-model
system mtu routing 1500
!
!
!
!
!
!
spanning-tree mode rapid-pvst
spanning-tree extend system-id
!
!
!
!
!
!
!
!
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/1
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/2
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/3
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/4
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/5
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/6
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/7
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/8
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/9
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/10
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/11
 switchport access vlan 13
 spanning-tree portfast
 spanning-tree bpduguard enable
!
interface FastEthernet0/12
!
interface GigabitEthernet0/1
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 2,13,30
 switchport mode trunk
!
interface GigabitEthernet0/2
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 no ip address
 ip helper-address 176.16.1.1
!
interface Vlan13
 ip address 192.168.13.4 255.255.255.0
 ip helper-address 172.16.1.1
!
interface Vlan30
 no ip address
 ip helper-address 176.16.1.1
!
ip http server
ip http secure-server
!
!
!
!
line con 0
line vty 0 4

paul driver · ‎01-05-2026

Hello
As i’ve stated previously you need to remove all L3 from sw4 - there is no requirement for it to be running any routing
0nly If you require mgt reachability you just need to enable a single mgt svi with a default gateway of its related L3 svi vip which be running on the sw1-2

Example
sw4
conf t
no ip routing
no int vlan 2/13/30

Int vlan xx
description mgt
Ip address x.x.x.x y.y.y.y
exit
ip default-gateway x.x.x.x (vip of a L3 svi running on sw1/2

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Cristian Matei · ‎01-05-2026

Hi,

Make the following changes:

1. On the router, advertise its Loopback into EIGRP, for clarity, even if you advertise the default route via EIGRP summary, as Loopback is used as DHCP Helper. Also, set AD of 255 on the EIGRP summary, otherwise the router does not install the static default route via DHCP into RIB, it prefers the EIGRP NULL 0 default route, for which reason you can't route towards Internet:

router eigrp 1
 network 172.16.1.1 0.0.0.0
 summary-metric 0.0.0.0 0.0.0.0 distance 255
!
interface GigabitEthernet0/0
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 255
!
interface GigabitEthernet0/1
 ip summary-address eigrp 1 0.0.0.0 0.0.0.0 255

2. On SW1, you have a wrong network statement, for which reason the associated subnet is not advertised into EIGRP, for which reason the router doesn't know how to route back for it:

router eigrp 1
 no network 192.168.3.2 0.0.0.0
 network 192.168.2.2 0.0.0.0

3. On SW4, in case you want it to reach out on the Internet, it needs a default route and routing enabled:

ip routing
ip route 0.0.0.0 0.0.0.0 Vlan13 192.168.13.1

Thanks,

Cristian.

woolymammoth256 · ‎01-10-2026

Hi All, Sorry for the delayed update. Turns out the original config works and all the issues stemmed from the ISP router being a POS. I was about to wipe the configs and start again as stuff that had been working wasn't etc. Not sure weather to replace it with a Cisco router as the connection is IP over Ethernet.

It was a Netgear V7610 rebadged as a Telstra device.

I will be implementing some of the changes suggested here.

Thank you for your assistance.