Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
414
Views
0
Helpful
3
Replies

InterVlan routing ERL and SG500 issues

johnnyparada
Level 1
Level 1

‎01-22-2018 06:24 AM - edited ‎03-08-2019 01:30 PM

Hello All,
 
I need a little assistance with getting my vlans from the switch to make it to the router and back - or simply put, my vlans (other than the default) cannot reach the internet.
 
On the switch side, I have changed it to router mode (layer 3), enabled ip routing, and set the ip route 0.0.0.0 0.0.0.0 192.168.1.1 (which is the address of the router port eth1). Vlans are 1, 192.168.1.254 for default and 101-105 @ 192.168.101-105.1, and 201-208 @ 192.168.201-08.1 (192.168.207.254 Vlan 7 is going to be differnet because I was testing where I was making my mistakes). I also setup the port on the switch connnected to the router as a trunk and allowed, in this testing case, vlan 7. Currently, I can ping from each vlan as a member, to any of the other vlans. However, when I try to ping the router or the internet from, in this case vlan 7, I get "reply unavialable; tracert will only get the response from the first hop (the vlan interface - 192.168.207.254).
 
On the router side port eth0 (71.95.196.xxx) is going to the ISP mode out to the net. Port eth1 is connected to the switch and is assigned the ip of 192.168.1.1 (I also setup an second IP 192.168.207.1). As far as the route go, I have tried to set the route back to the switch at 102.168.1.0/24(static), but for some reason the only one that goes active is the one that is connected (c). I have also added the routes for the other vlans.
 
I will attach my configs and ip routes for both my router and switch, if any one can provide me some assistance on how to get the route setup for the return back to the switch (which I believe is where my connection is broken).Or could NAT or my firewall (which I have  not altered or added any rules) come into play here. 
 
Btw, my router is an ERL and my switch is a Cisco SG500x
 
Thank you all in advance.
 
Johnny Parada

Labels:
Preview file
26 KB
Preview file
2 KB
Preview file
1 KB
Preview file
4 KB
0 Helpful
3 Replies 3

Deepak Kumar
VIP Alumni
VIP Alumni

‎01-22-2018 09:53 AM

Hi,

As I can understand your question. You have following configuration as:

 

Switch (interface gigabitethernet1/1/48)---------(Eth1)Router -----Internet

 

But check your configuration on

Switch "interface gigabitethernet1/1/48". There is VLAN 207 is tagged.  

Router "ethernet eth" is having IP: address 192.168.1.1/24.

 

Correct Configuration of the switch:

 

interface gigabitethernet1/1/48
description "Internet to Router"

switchport mode access
switchport access vlan 1

 

Regards,

Deepak Kumar

 

 

 

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful

johnnyparada
Level 1
Level 1
In response to Deepak Kumar

‎01-22-2018 06:24 PM

Hi Deepak,

 

Thank you for the response. 

 

To answer your question, I think I  have the port in trunk mode, and as a primary member of VLAN1 (untagged) and an allowed member of VLAN207 (Tagged). I was testing my connectivity as a member of VLAN207, which was unsuccessful, so I tried "allowing" it to the port to see if that would work - but no go. 

 

Any how, I was also given some advise to remove the routes on the router interface and use next hop to the switch default vlan.

 

I attached updated config's and routes for any other advise. 

 

I greatly appreciate it. 

 

Johnny 

Preview file
24 KB
Preview file
2 KB
Preview file
1 KB
Preview file
4 KB
0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni
In response to johnnyparada

‎01-22-2018 10:06 PM

Hi,

Now Please check your routing output:

 

 

ubnt@ubnt:~$ show ip route
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
> - selected route, * - FIB route, p - stale info
IP Route Table for VRF "default"
S *> 0.0.0.0/0 [1/0] via 71.95.196.xxx, eth0
C *> 71.95.196.xxx/30 is directly connected, eth0
C *> 127.0.0.0/8 is directly connected, lo
S *> 192.168.0.0/24 [1/0] via 192.168.1.254, eth1
C *> 192.168.1.0/24 is directly connected, eth1


CoreSwitch#show ip route
Maximum Parallel Paths: 1 (1 after reset)
IP Forwarding: enabled
Codes: > - best, C - connected, S - static


S 0.0.0.0/0 [1/1] via 192.168.1.1, 02:07:59, vlan 1
C 192.168.1.0/24 is directly connected, vlan 1
C 192.168.207.0/24 is directly connected, vlan 207

 

 

your router is sending packets to 192.168.0.0/24, not to 192.168.207.0/24. Please change the Static route on the router. 

Regards,

Deepak Kumar

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card