Sorry forgot that part....yes it is a trunk

interface GigabitEthernet1/0/24
 switchport mode trunk
 spanning-tree portfast

sw2960#show int trunk

Port        Mode             Encapsulation  Status        Native vlan
Gi1/0/24    on               802.1q         trunking      1

Port        Vlans allowed on trunk
Gi1/0/24    1-4094

Port        Vlans allowed and active in management domain
Gi1/0/24    1,108

Port        Vlans in spanning tree forwarding state and not pruned
Gi1/0/24    1,108
pp-WS_sw253#

Thanks for that, I thought all that firewalling had meant you had forgotten your switching :-)

There is nothing obviously wrong with your configurations other than it should be "spanning-tree porfast trunk" but that isn;t going to make it suddenly work.

When you allocate a vlan 108 IP on the PC what do you see in the arp table when you try pinging ?

And ditto from the router ie. if you try to ping the PC what do you see in the router's arp table ?

If you are pinging from the router make sure there is no firewall on the PC.

Is there anything else in the configurations or is this a pretty basic setup at the moment ?

Jon

Yeah I noticed the spanning-tree config and I did change that, I missed it when changing from an access port to a trunk port.

Firewall on PC off but it worked on VLAN 1so I did not think that would be it.

The ARP table I will check I don't remember off the top of my head. I will test that and post.

Yes that is it for the config, pretty easy which is why I am stumped. Any other ideas?

Mike

What happens when you use the router as the g/w for VLAN 1, i.e. 10.30.8.254?

In practice, this should be the case anyway, as at the moment you are going two hops.

Martin

I will give that a shot and see what it does.

Mike

Mike

I did notice you said you were using the 2960 SVI as the gateway but assumed that was a typo because you also said you could ping the vlan 108 subinterface on the router so that would have to mean the 2960 was routing but it only has one SVI.

Jon

Yeah, this is an existing network that had VLAN 1 with IP address 10.30.8.253 on the 2960 and the PC's were setup to use the VLAN 1 ip address 10.30.8.253 on the 2960 as the gateway and then there is a default gateway that now points to the new router 10.30.8.254. Now they wanted to add another VLAN so I created the sub-interfaces for VLAN 1 and VLAN 108. They wanted to keep the PC's gateway 10.30.8.253 so I left it. What I may try is changing the router VLAN 1 IP address to 10.30.8.253 which was the 2960 switch and set VLAN 1 on the switch to 10.30.8.254 and then change the default gateway on the 2960 switch accordingly.

Maybe there is something weird going on with one vlan having the gateway on the switch and the other on being on the router and somehow conflicting with the default gateway on the switch.

Mike

Mike

The 2960 does support limited routing with the right feature set but even if you have the right feature set you would need a default route ie. a default gateway is only used by the switch itself like an end PC.

So if the 2960 is not routing and there was originally just one vlan setting the clients default gateway to the SVI on the 2960 actually did nothing.

Was there just one vlan in use and did those clients not need access to anything else eg. internet ?

Because if they did I can't see how this worked without a default route.

Jon