01-10-2023 10:58 AM
Hello,
Here I have a C2960 switch, in this switch there is a computer connected to the port 1/0/1, and a router connected to port 1/0/24.
show run on the switch shows:
!
ip routing
!
interface GigabitEthernet1/0/1
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/24
no switchport
ip address 172.16.1.111 255.255.255.0
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 172.16.1.1
!
end
also on the switch sh ip route shows:
Gateway of last resort is 172.16.1.1 to network 0.0.0.0
S* 0.0.0.0/0 [1/0] via 172.16.1.1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.0/24 is directly connected, GigabitEthernet1/0/24
L 172.16.1.111/32 is directly connected, GigabitEthernet1/0/24
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, Vlan10
L 192.168.10.1/32 is directly connected, Vlan10
on the switch:
ping www.google.com works
ping 8.8.8.8 works
On the computer ping 172.16.1.111 works
However on the computer I cannot reach internet. both ping www.google.com and ping 8.8.8.8 does not work.
ipconfig /all on the computer shows:
IPv4 Address. . . . . . . . . . . : 192.168.10.77(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 1.1.1.1
What is missing?
Any help would be much appreciated.
Thanks
Solved! Go to Solution.
01-10-2023 11:47 AM
in ISR you need to config NAT overload for PC (hosts) subnet, this make ISR NAT the private IP to public IP and you can access internet from Hosts.
01-10-2023 11:08 AM
can you share the config of router ?
01-10-2023 11:17 AM
router is a DSL modem.
01-10-2023 11:25 AM - edited 01-10-2023 11:25 AM
friend the router dont NAT your private IP to public,
DSL modem only know the subnet of 172.16.1.0/24 <<- direct connect link between DSL and SW,
that why anything behind the SW not ping internet
to check if I am right do
ping 8.8.8.8 source vlan 10
01-10-2023 11:42 AM - edited 01-10-2023 11:47 AM
This is a test lab. in the production there is a Cisco ISR1100 sd-wan router, so will this work there?
Btw the sd-wan switch side IP is a class A private range IP.
01-10-2023 11:47 AM
in ISR you need to config NAT overload for PC (hosts) subnet, this make ISR NAT the private IP to public IP and you can access internet from Hosts.
01-15-2023 05:08 AM
in my test lab I have replaced the dsl modem with a fortigate 30E firewall, but still the switch is not routing the traffic to the firewall? any advice how to make that work?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide