cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Join Customer Connection to register!
147
Views
0
Helpful
3
Replies
nikkolasg
Beginner

L3 Switch (catalyst3750G) VLAN routing almost working

Hi everyone

 

My setup is a follow :

Network subnet : 10.31.32.0/19 (gateway 10.31.32.1)

                             (unknown topology, I just connect to it through a cable in the lab)

I connected a Catalyst 3750G (,let's call it SW.) switch to it through the port 1, created a VLI for vlan 1 at address 10.31.32.122 (configured the port 1 to be in vlan 1),

and a VLI for vlan 100 (guest) at address 10.0.100.1.

For simplification, let's assume there is only two vlan configured in SW. One normal (vlan 1) and one guest (vlan 100). In vlan 1, every devies access the network & internet without problems. What i want to do is to setup the guest vlan (100) to ONLY access the internet.

So i followed this tutorial : http://www.cisco.com/c/en/us/support/docs/lan-switching/inter-vlan-routing/41860-howto-L3-intervlanrouting.html

I did NOT configure the GigabitEthernet 1/0/1 as "no switchport" according to the note :

This step can be omitted if the switch reaches the default router through a VLAN. In its place, configure an IP address for that VLAN interface.

When i plug a device into SW in vlan 100, i set up its address to 10.0.100.2. I can ping the VLI of the switch 10.0.100.1.

I can ping the VLI of the vlan 1 , 10.31.32.122. But I am UNABLE to ping any device inside the VLAN 1. Nor to the rest of the network or internet.

What is happening ? If i could not  ping the others vlan, I guessed that something was happening with my VLAN config but, why can I ping the VLI of SW but not the devices in it ... '??

 

Thank you very much,

 

Nicolas GAILLY

 

 

 

3 REPLIES 3
letal1609
Beginner

Hello, i have the same problem, did you find a solution ?

You need to configure the gateway on the clients, which by the above you wouldn't have done?

Note that routing between the networks is still possible, however.

As such, you would have to configure an ACL to prevent this.

Martin

Pawan Raut
Enthusiast

Check the config of vlan 1 and vlan 100

have you configured any ACL on that probably it look like some ACL on cvlan 1 is blocking that.