Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1066
Views
5
Helpful
6
Replies

How to route traffic to the Internet through Switch

Go to solution
AE111
Level 1
Level 1

‎01-10-2023 10:58 AM

Hello,

Here I have a C2960 switch, in this switch there is a computer connected to the port 1/0/1, and a router connected to port 1/0/24.

show run on the switch shows:

!
ip routing
!
interface GigabitEthernet1/0/1
switchport access vlan 10
switchport mode access
!
interface GigabitEthernet1/0/24
no switchport
ip address 172.16.1.111 255.255.255.0
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
!
ip route 0.0.0.0 0.0.0.0 172.16.1.1
!
end

also on the switch sh ip route shows:

Gateway of last resort is 172.16.1.1 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 172.16.1.1
172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.16.1.0/24 is directly connected, GigabitEthernet1/0/24
L 172.16.1.111/32 is directly connected, GigabitEthernet1/0/24
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, Vlan10
L 192.168.10.1/32 is directly connected, Vlan10

on the switch:

ping www.google.com works 

ping 8.8.8.8 works

On the computer ping 172.16.1.111 works

However on the computer I cannot reach internet. both ping www.google.com and ping 8.8.8.8 does not work.

ipconfig /all on the computer shows:

IPv4 Address. . . . . . . . . . . : 192.168.10.77(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 1.1.1.1

What is missing?

Any help would be much appreciated.

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP
In response to AE111

‎01-10-2023 11:47 AM

in ISR you need to config NAT overload for PC (hosts) subnet, this make ISR NAT the private IP to public IP and you can access internet from Hosts.

View solution in original post

6 Replies 6

Go to solution
MHM Cisco World
VIP
VIP

‎01-10-2023 11:08 AM

can you share the config of router ?

0 Helpful

Go to solution
AE111
Level 1
Level 1
In response to MHM Cisco World

‎01-10-2023 11:17 AM

router is a DSL modem.

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to AE111

‎01-10-2023 11:25 AM - edited ‎01-10-2023 11:25 AM

friend the router dont NAT your private IP to public, 
DSL modem only know the subnet of 172.16.1.0/24 <<- direct connect link between DSL and SW, 
that why anything behind the SW not ping internet 

to check if I am right do 
ping 8.8.8.8 source vlan 10

0 Helpful

Go to solution
AE111
Level 1
Level 1
In response to MHM Cisco World

‎01-10-2023 11:42 AM - edited ‎01-10-2023 11:47 AM

This is a test lab. in the production there is a Cisco ISR1100 sd-wan router, so will this work there?

Btw the sd-wan switch side IP is a class A private range IP.

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to AE111

‎01-10-2023 11:47 AM

in ISR you need to config NAT overload for PC (hosts) subnet, this make ISR NAT the private IP to public IP and you can access internet from Hosts.

Go to solution
AE111
Level 1
Level 1

‎01-15-2023 05:08 AM

in my test lab I have replaced the dsl modem with a fortigate 30E firewall, but still the switch is not routing the traffic to the firewall? any advice how to make that work?

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card