cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
703
Views
5
Helpful
4
Replies

INTERVLAN Routing

nsamaniego
Level 1
Level 1

Hi There,

I have a question regarding inter-vlan routing. I am currently studying this using GNS3.

Please see the attached image for the simple topology.

The ISP is setup to use NAT and Internet is working from DSW-2.

ISP:

ip nat inside source list 1 interface Ethernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1

interface Ethernet0/0
ip address 192.168.1.202 255.255.255.0
ip nat outside
ip virtual-reassembly in
!
interface Ethernet0/1
ip address 192.168.5.2 255.255.255.0
ip nat inside
ip virtual-reassembly in

 

DSW-2# show ip route

S* 0.0.0.0/0 [1/0] via 192.168.5.2
192.168.5.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.5.0/24 is directly connected, Ethernet1/1
L 192.168.5.2/32 is directly connected, Ethernet1/1
192.168.90.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.90.0/24 is directly connected, Vlan90
L 192.168.90.252/32 is directly connected, Vlan90

C 192.168.20.0/24 is directly connected, Vlan20
L 192.168.20.252/32 is directly connected, Vlan20

 


DSW2#sh ip int brief

Ethernet1/1 192.168.5.1 YES manual up up

Vlan2 192.168.20.252 YES manual up up

Vlan10 192.168.90.252 YES manual up up

 

The problem is, none from VLAN 2 and VLAN 10 is not connecting to the internet.

Hosts on VLAN 2 & VLAN 10 are able to ping each other using DSW2's VLAN IP Address as default gateway.

IP Routing is enabled in DSW2, as well.

How can I get the host from VLAN2 & VLAN 10 to access the internet? Am I missing some additional configuration here or maybe it could be just the GNS3 issue here?

isp.png

1 Accepted Solution

Accepted Solutions

luis_cordova
VIP Alumni
VIP Alumni

Hi @nsamaniego 

 

In the ISP router you must configure a route for the vlan networks.
Either through static routes or dynamic routing.
That way, the packets can reach the vlan on their way back.

 

Regards

View solution in original post

4 Replies 4

luis_cordova
VIP Alumni
VIP Alumni

Hi @nsamaniego 

 

In the ISP router you must configure a route for the vlan networks.
Either through static routes or dynamic routing.
That way, the packets can reach the vlan on their way back.

 

Regards

Yeah. You are correct, The ISP router doesn't know how to get back to the internal networks of DSW2.
Thank you so much!

Reza Sharifi
Hall of Fame
Hall of Fame

Hi,

You are missing an access list

ip nat inside source list 1 interface Ethernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.1.1

access-list 10 permit 192.168.5.0 0.0.0.255

HTH

I have a simple access-list 1 that permits any, and the internet is working. It's just the ISP router doesn't know how to get back to the internal networks. I have it fixed now. Thank you so much for your time to help. :)
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco