03-23-2020 11:22 AM - edited 03-23-2020 11:53 AM
Hi There,
I have a question regarding inter-vlan routing. I am currently studying this using GNS3.
Please see the attached image for the simple topology.
The ISP is setup to use NAT and Internet is working from DSW-2.
ISP:
ip nat inside source list 1 interface Ethernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1
interface Ethernet0/0
ip address 192.168.1.202 255.255.255.0
ip nat outside
ip virtual-reassembly in
!
interface Ethernet0/1
ip address 192.168.5.2 255.255.255.0
ip nat inside
ip virtual-reassembly in
DSW-2# show ip route
S* 0.0.0.0/0 [1/0] via 192.168.5.2
192.168.5.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.5.0/24 is directly connected, Ethernet1/1
L 192.168.5.2/32 is directly connected, Ethernet1/1
192.168.90.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.90.0/24 is directly connected, Vlan90
L 192.168.90.252/32 is directly connected, Vlan90
C 192.168.20.0/24 is directly connected, Vlan20
L 192.168.20.252/32 is directly connected, Vlan20
DSW2#sh ip int brief
Ethernet1/1 192.168.5.1 YES manual up up
Vlan2 192.168.20.252 YES manual up up
Vlan10 192.168.90.252 YES manual up up
The problem is, none from VLAN 2 and VLAN 10 is not connecting to the internet.
Hosts on VLAN 2 & VLAN 10 are able to ping each other using DSW2's VLAN IP Address as default gateway.
IP Routing is enabled in DSW2, as well.
How can I get the host from VLAN2 & VLAN 10 to access the internet? Am I missing some additional configuration here or maybe it could be just the GNS3 issue here?
Solved! Go to Solution.
03-23-2020 11:59 AM
Hi @nsamaniego
In the ISP router you must configure a route for the vlan networks.
Either through static routes or dynamic routing.
That way, the packets can reach the vlan on their way back.
Regards
03-23-2020 11:59 AM
Hi @nsamaniego
In the ISP router you must configure a route for the vlan networks.
Either through static routes or dynamic routing.
That way, the packets can reach the vlan on their way back.
Regards
03-23-2020 12:08 PM
03-23-2020 12:04 PM
Hi,
You are missing an access list
ip nat inside source list 1 interface Ethernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1
access-list 10 permit 192.168.5.0 0.0.0.255
HTH
03-23-2020 12:11 PM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide