cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
215
Views
15
Helpful
10
Replies
Highlighted
Participant

How to route traffic from cisco 350 to internet through internet modem

Hi,  

 

 

I am not able ping internet 8.8.8.8 through internet modem huawei hg8245w5 from different vlans on 350 as core switch of small network

 

I can ping from wan vlanW on 350 to 8.8.8.8

 

I have connected modem as access port under vlanw for wan with default gateway as modem's ip

 

I created a static route to internet as 0.0.0.0 /24 (ip address of wan modem)

 

I am not able to get internet on other vlans of switch as ping failing.

 

What is the mistake i am doing

 

 

Shall i make the 350 port connected to modem as trunk? Will it understand then?

 

Pls advise.

10 REPLIES 10
Highlighted
Hall of Fame Master

Re: How to route traffic from cisco 350 to internet through internet modem

We do not have much detail to work with and that makes it difficult to identify the issue. Based on what we know so far my first guess is that the issue is that you are not doing address translation for the addresses in the other vlans.

HTH

Rick
Highlighted
Participant

Re: How to route traffic from cisco 350 to internet through internet modem

The modem has only one subnet that can modified , for example 192.168.100.0/24 with its ip as 192.168.100.1.

 

 

So I created on 350 core switch ,  vlan100 for wan with interface vlan100 as 192.168.100.2 /24 alongwith putting the port from 350 to modem as access and I have made default gateway on core as 192.168.100.1 and static route on internet as 0.0.0.0 /24 192/168.100.1 

 

now 350 is able to ping 192.168.100.1 and the internet 8.8.8.8 but when I ping 8.8.8.8 with source as any of the other local vlans on 350 like wlan 6, the ping is failing.

 

Is this because of access port from core to lan port of modem? Or is it because of modem having only one subnet and not knowing how to reply back to ping from internal vlans of 350? NAT must be inbuilt in internet modems but it would be only translating the allowed subnet of modem 192.168.100.0/24

 

What should I do and how to resolve this? 

 

 

Highlighted
VIP Mentor

Re: How to route traffic from cisco 350 to internet through internet modem

Hello

I am assuming the hosts in the other vlans are on a different subnet than the rtr vlan?

if so and you don't have admin access to that rtr then you will need another rtr so to enable the hosts in those other vlans to be able to reach the internet as i don't think your switch would support NAT



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted
Participant

Re: How to route traffic from cisco 350 to internet through internet modem

Hi Paul ,

I have access to internet home router/modem provided by service provider for access to internet.

But there is nat option available and only one subnet is allowed.

So are my local vlan not accessing internet because there is no nat to translate local vlans to public ip of modem?

How to resolve this?

Is customer's decision to go with home router a mistake? Should he have purchased a business router like cisco 4000 series?
Highlighted
VIP Mentor

Re: How to route traffic from cisco 350 to internet through internet modem

Hello

if that rtr only allows you to have one local subnet then you won't be able to get those other vlans to work for internet access  unless that is you add an additional soho rtr that supports nat then you would be able to accomplish internet access as you can double nat those other vlans 



kind regards
Paul

Please rate and mark posts accordingly if you have found any of the information provided useful.
It will hopefully assist others with similar issues in the future
Highlighted
Hall of Fame Master

Re: How to route traffic from cisco 350 to internet through internet modem

The original poster refers to home router/modem provided by service provider. I am not clear whether the 350 is the home router or whether the service provider did provide some router and the customer chose the 350 as the switch to connect to the router. But if only a single vlan is supported and if there is no option to enable nat then this is the real problem. Services that are needed to support a network with several vlans are not available here.

 

 

The original poster has asked several questions that I would address:

- "Shall i make the 350 port connected to modem as trunk?" I do not know the details of the internet modem but it very unlikely that the internet modem would support trunking. So making the connection into a trunk is not likely to help.

- "Is customer's decision to go with home router a mistake?" Assuming that the 350 is what is referred to as home router then yes choosing this was a mistake. From Cisco's perspective this is a switch and not a router. To the customer this is not obvious but there are significant differences in services performed by switches or by routers. And address translation is one of those services that is supported on routers but not on most switches.

HTH

Rick
Highlighted
Participant

Re: How to route traffic from cisco 350 to internet through internet modem

Hi Richard,

 

350x  is the layer3 switch deployed as core for a small network of 8 220 series layer2 access switches.

These switches were deployed by us and all internet network is configured and wirking fine with multiple vlans for admin,voice,wifi,guest,tv etc

 

But, now the customer has purchased a 200mb monthly internet subscription alongwith inter router/modem of Huawei- hg8245w5 which he wants us to use as a internet router to provide internet access to internal network 

 

This router is connected to 350core switch using access port under vlan x for wan and 350 default gateway and route set to router ip of 1192.168.x.1

 

 

I am able to ping amd trace 8.8.8.8 from 350 through router but when i ping using source as any other vlan on 350 - the ping fails.

 

So i am confused about what to do as there is configurable feature available on router to create static route to teach router the route to local vlans through 350 nor is there nat.

 

So now i am left with only option of telling customer to provide router with staic route and nat feature.

 

Pls advise Is there any  thing i can check before changing router

 

 

Highlighted
Hall of Fame Master

Re: How to route traffic from cisco 350 to internet through internet modem

Thanks for the additional information. I am interested in your explanation that you had the 350 working as core switch with a group of 220 access switches and it was working fine. Did that implementation has Internet access? Or was it working only as a private internal network without Internet access?

 

If it was working and did have Internet access then what was providing address translation?

HTH

Rick
Highlighted
Participant

Re: How to route traffic from cisco 350 to internet through internet modem

Presently  only internal network with all layer3 switching at 350 core is working.

But still no internet access as the internet modem router-huawei hg8245w5 which is connected from 350 through access port under vlan 80.

 

350 switch can ping and trace to 8.8.8.8 through modem but when i I ping using source as other vlan ip on core then ping fails.

That means only from vlan 80 on 350 the ping and trace to 8.8.8.8 is working.

I have concluded that below must be the reasons for no internet access on other vlans on 350.

1. No feature on internet router to create static route fo creating a route to core 350 for return traffic from internet

2. No nat configurable available on router so as i can nat all internal traffic

3.Access port to modem to be changed to trunk port allowing all vlans as advised by tac

Highlighted
Hall of Fame Master

Re: How to route traffic from cisco 350 to internet through internet modem

Thanks for confirming that what was working was internal networking and not access to Internet. Here is my response to the 3 points that you make:

1) If there is no feature on the Internet router to create static routes for the networks created in the internal network then this is a serious problem. The way to solve the problem would be to obtain and install another router that would connect between the Internet router and the 350 and would provide address translation for the addresses used in the internal network. This would mean that the Internet router would see all traffic as coming from its connected network.

2) If there is no way to configure address translation on the Internet router then that also is a serious problem. The solution to this is the same as in 1) - to obtain and install another router that would connect between the Internet router and the 350 and would provide address translation.

3) If tac advised changing the 350 interface into a trunk then it seems to me that tac did not have a good understanding of your environment. If the Internet router is so limited that it does not provide a way to create static routes or to configure address translation for extra networks, then I would be very surprised if the Internet router supported trunking on its interface. (And even if it did support trunking then the traffic coming to the Internet router would be from multiple networks and if you can not configure address translation then how would this work?) 

 

Even though I do not think it will work, it might be worth while to configure the 350 interface as a trunk. This would allow you to test it and to inform tac that you did try their solution and that it did not work.

HTH

Rick
CreatePlease to create content
Content for Community-Ad