
Help with Lab Networking config

Hey All,

I am new to Cisco networking, and I am wondering if you could assist me with a couple of questions/issues I am having. I will start by uploading a network diagram (please see photo). I am going to explain what I have set up. In this lab, I have an ISP modem (WAN); it then plugs into pfSense (gateway/firewall), which converts it to LAN. From there I have an Ethernet run going to a Cisco switch, into a port as uplink (Gi2/1/1). Here is where my confusion comes into play. My issues right now are how to route when dealing with multiple VLANs (inter-VLAN communication; I kind of got this working, but can't communicate to the physical gateway, i.e. my pfSense, out to the world), and I suppose I also need help on how to configure the uplink port from the start. I just might have misconfigured that, which is why I am having issues to start with. So I guess to start would be: what would be the recommended way of configuring an uplink port to the switch from a physical gateway? The next problem I have is that I have configured a trunk port (Gi2/0/48) to allow VLAN 1-5 (see screenshot). I can ping all of the VLANs I created, as I am routing them/gave them an IP. Again the issue arises: I am unable to ping my physical gateway IP, thus unable to reach the outside world. I am able to ping the gateway from inside the switch when connected via serial.






Re: Help with Lab Networking config

Adding to this: I have a physical laptop on Gi2/0/4, which is a trunk port to allow VLAN 1-5. I ping VLAN 2-5 and get no response; I then go to the physical NIC on the laptop and add the VLAN gateways and BOOM, I am able to ping the VLANs which I specify. I clearly have something misconfigured here.

Hall of Fame Expert

Re: Help with Lab Networking config

Hello Zkcetam,

The switch uplink to the pfSense internal interface only needs to carry VLAN 1 untagged (native), so you can configure it as an access port (no trunk) in VLAN 1:

int gi2/1/4
 description to PF sense
 switchport mode access
 switchport access vlan 1


Information about the VLAN 2 - VLAN 5 subnets is provided by using static routes on the pfSense.

I write down the IOS commands for this task; you need to convert them to the appropriate commands on the pfSense device:

ip route

ip route

ip route

ip route


On the Catalyst device you just need to configure a default route:


ip route



ip routing has to be enabled at the global level on the Catalyst:


ip routing




All your addresses are private addresses in the 10/8 network, following RFC 1918.

To be able to access the internet and to ping the public IP address 73.xx.xx.xx, the internal addresses have to be translated when going via the pfSense device.

This translation is performed by the NAT feature.

I provide to you a sample configuration for an IOS device:


interface WAN
 ip nat outside

interface LAN
 ip nat inside

access-list 11 permit
access-list 11 permit
access-list 11 permit
access-list 11 permit
access-list 11 permit

ip nat inside source list 11 interface WAN overload


When a packet comes from the inside network with a source address that matches one of the lines of ACL 11, the source address is converted to the public address of the WAN interface and PAT (port address translation) is performed.

Multiple hosts can access the internet at the same time using different TCP or UDP ports that are translated on the NAT device.


Hope to help
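
The return-path behaviour behind the static routes in the reply above, as an added example that is not part of the original thread: a longest-prefix-match lookup on the firewall's routing table shows why the switch itself can ping the gateway while hosts in VLAN 2-5 cannot until the static routes exist. The subnets (10.0.N.0/24 for VLAN N), the switch address 10.0.1.2 and all function names are assumptions constructed for illustration; the thread does not give them.

```python
import ipaddress

# Constructed addressing (assumption; the thread does not give the subnets).
SWITCH_SVI_VLAN1 = ipaddress.ip_address("10.0.1.2")   # Catalyst address on VLAN 1
VLAN_SUBNETS = {v: ipaddress.ip_network(f"10.0.{v}.0/24") for v in range(1, 6)}


def lookup(table, dst):
    """Longest-prefix match: return (next_hop, out_interface) for dst."""
    dst = ipaddress.ip_address(dst)
    matches = [route for route in table if dst in route[0]]
    if not matches:
        return None
    best = max(matches, key=lambda route: route[0].prefixlen)
    return best[1], best[2]


def firewall_table(with_static_routes):
    """Firewall routing table: VLAN 1 is connected, the default points at the ISP."""
    table = [
        (VLAN_SUBNETS[1], "connected", "LAN"),
        (ipaddress.ip_network("0.0.0.0/0"), "isp-gateway", "WAN"),
    ]
    if with_static_routes:
        # One static route per routed VLAN, next hop = the switch's VLAN 1 address.
        for vlan in range(2, 6):
            table.append((VLAN_SUBNETS[vlan], str(SWITCH_SVI_VLAN1), "LAN"))
    return table


def reply_reaches_host(table, host):
    """A ping succeeds only if the firewall sends its reply back out the LAN side."""
    hop = lookup(table, host)
    return hop is not None and hop[1] == "LAN"


if __name__ == "__main__":
    for label, static in (("without static routes", False),
                          ("with static routes", True)):
        table = firewall_table(static)
        print(label)
        for src in ("10.0.1.2", "10.0.3.50"):
            print(f"  reply to {src}: {lookup(table, src)} "
                  f"ok={reply_reaches_host(table, src)}")
```

Without the static routes, the reply to a VLAN 3 host matches only the default route and leaves through the WAN interface, which matches the symptom of the switch reaching the gateway while routed VLANs cannot.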


