Solved: Internet can be reached on the switch itself but on the hosts of all the vlans no

abedalmawlaitani · ‎11-23-2015

i have 2 core switchs L3 catalyst 3650 named core 1 and core 2 the problem is i have internet on the switch it self i can ping 8.8.8.8 from the switch and i can also ping 8.8.8.8 source vlan x i have double nat 1st on the dsl modem and second on the core switch ill attach the config of the core switch 1 any help would be great thank in advanced have a great day all !

Ganesh Hariharan · ‎11-23-2015

Hello ,

NAT Feature is only supported in 6500 series switches in cisco IOS family.

Remove the nat and just send the plain traffic till cable modem where the actual NAT is configired for further communication towards internet.

Hope it Helps..

-GI

Rate if it Helps

View solution in original post

Reza Sharifi · ‎11-23-2015

Even though you can configured it, but I don't think NAT is supported on the 3650 series.

You may want to double check with TAC or your SE.

HTH

abedalmawlaitani · ‎11-23-2015

thanks alot for replying im going to check with tac tomorow and see what happens have a great day !

Reza Sharifi · ‎11-23-2015

In the past NAT has been supported only on the 6500 series switches and not any other platform, but it is good idea to check with Cisco, as they maybe trying to add it to other platforms.

Ganesh Hariharan · ‎11-23-2015

Hello ,

NAT Feature is only supported in 6500 series switches in cisco IOS family.

Remove the nat and just send the plain traffic till cable modem where the actual NAT is configired for further communication towards internet.

Hope it Helps..

-GI

Rate if it Helps

abedalmawlaitani · ‎11-23-2015

thanks alot for replying i didnt puchace a router or a firewall yet i was thinking working it out all on the layer 3 switch until i contact tac to know what the issue is or at last get a new router ill thanks anyway have a great day !

Masoud Pourshabanian · ‎11-23-2015

By firewall, I meant firewall and IPS on modem. Some modems only allow traffic from their inbound IP to the outbound. You need to add rule for other IPs or turn it off.

Masoud

abedalmawlaitani · ‎11-23-2015

ok ill check that out thank you

Masoud Pourshabanian · ‎11-23-2015

Hello,

Edited.

I checked other answers and noticed that 3560 does not support NAT so remove all NATs configuratios on 3560.

If you are not able to ping 8.8.8.8 with any source as an example 192.168.3.2, you need to do some steps.

A: Configure an static IP on GigabitEthernet1/0/1 (IP must be excluded in your modem DHCP)

B. You need to configure a return route in your modem.

Route add 192.168.0.0 255.255.0.0 new IP on GigabitEthernet1/0/1(something like this).

C: turn off any firewall or IPS on the modem.

D: make sure your modem do NAT all sources.

E. Ping again with any source to check.

Let me know if you have more questions.

Masoud

abedalmawlaitani · ‎11-23-2015

thanks alot for replying i did try everything listed up until i surrendered so im going to try cisco support and see what happens ill reply back soon with the answer thanks alot for giving ur time to try to help me find a solutions have a great day !